Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Plugin and shockwave pop up errors, computer just generally slow to re

Started by shajoe44 , Nov 03 2013 02:13 PM

Please log in to reply

#16
shajoe44

Posted 26 November 2013 - 08:35 PM

Member

Topic Starter
Member
262 posts

I did as you instructed.........rebooted and here is results

Vino's Event Viewer v01c run on Windows XP in English
Report run at 26/11/2013 9:32:13 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/11/2013 9:03:58 PM
Type: error Category: 8
Event: 20 Source: Windows Update Agent
Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2833941).

Log: 'System' Date/Time: 26/11/2013 7:23:17 PM
Type: error Category: 0
Event: 7011 Source: Service Control Manager
Timeout (30000 milliseconds) waiting for a transaction response from the Schedule service.

Log: 'System' Date/Time: 26/11/2013 6:19:17 PM
Type: error Category: 0
Event: 7011 Source: Service Control Manager
Timeout (30000 milliseconds) waiting for a transaction response from the Schedule service.

Log: 'System' Date/Time: 26/11/2013 4:40:03 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: AVGIDSHX

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vino's Event Viewer v01c run on Windows XP in English
Report run at 26/11/2013 9:35:11 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 26/11/2013 9:02:00 PM
Type: error Category: 0
Event: 5000 Source: NativeWrapper
The event description cannot be found.

Log: 'Application' Date/Time: 26/11/2013 9:01:56 PM
Type: error Category: 0
Event: 1023 Source: MsiInstaller
Product: Microsoft .NET Framework 1.1 - Update '{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log.

Log: 'Application' Date/Time: 26/11/2013 9:01:54 PM
Type: error Category: 0
Event: 11706 Source: MsiInstaller
Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#17
RKinner

Posted 26 November 2013 - 08:58 PM

Malware Expert

Expert
24,625 posts

It worked since there is no new error for AVGIDSHX.

This one:

Log: 'System' Date/Time: 26/11/2013 9:03:58 PM
Type: error Category: 8
Event: 20 Source: Windows Update Agent
Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2833941).

and the Application errors are related to .Net. You can try to reinstall it but it will probably continue to fail. There is a Microsoft page on the problem:

http://support.microsoft.com/kb/976982

I usually wind up removing all of the .Nets and reinstalling them in order. (Method 3)

Event: 7011 Source: Service Control Manager
Timeout (30000 milliseconds) waiting for a transaction response from the Schedule service.

Not sure what is going on with Schedule. Let's see if it started:

Open a Command Window (All Programs, Accessories, Command Prompt and type:

net  start  schedule

Does it say it is already started?

I'm going off island tomorrow. Not sure when I can get back on line. I assume they will have internet where I'm going but they may not. Will definitely be back on Sunday evening.

#18
shajoe44

Posted 27 November 2013 - 07:40 AM

Member

Topic Starter
Member
262 posts

Yes it gives the already started message. I will work on the .net things later today. THANKS for all your help. This site is the BEST

#19
RKinner

Posted 27 November 2013 - 10:07 AM

Malware Expert

Expert
24,625 posts

How is it running by the way?

Have you run a defrag recently?

When you get a chance do an OTL Quickscan and post the log.

#20
shajoe44

Posted 28 November 2013 - 05:21 PM

Member

Topic Starter
Member
262 posts

OTL logfile created on: 11/28/2013 5:54:09 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Jerry\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.97 Mb Total Physical Memory | 115.32 Mb Available Physical Memory | 12.90% Memory free
2.12 Gb Paging File | 1.19 Gb Available in Paging File | 56.46% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 6.39 Gb Free Space | 8.58% Space Free | Partition Type: NTFS

Computer Name: JERRY-1A1033F2B | User Name: Jerry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/17 17:44:57 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/11/16 18:25:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jerry\Desktop\OTL.exe
PRC - [2013/11/04 20:55:30 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\dtupdate.exe
PRC - [2013/11/04 11:08:48 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/11/04 11:08:48 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/10/02 08:04:48 | 002,404,376 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
PRC - [2013/10/02 08:04:43 | 001,734,680 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
PRC - [2013/09/15 08:18:10 | 001,104,384 | ---- | M] (Spotify Ltd) -- C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013/07/31 10:44:44 | 000,137,528 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2013/07/31 10:38:20 | 000,698,680 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/06/05 10:48:30 | 000,087,400 | ---- | M] (Nero AG) -- C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
PRC - [2012/03/28 01:28:44 | 000,735,168 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2012/03/28 01:27:06 | 000,309,184 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/06/24 13:34:50 | 000,041,824 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\1246745595\ee\aolsoftware.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/16 12:54:56 | 000,517,040 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
PRC - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe
PRC - [2006/07/27 13:19:00 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/05/09 09:31:36 | 000,483,328 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\HWU8DD.exe
PRC - [2006/01/02 16:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005/07/19 16:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2004/06/14 15:16:18 | 000,045,056 | ---- | M] () -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\InfoMyCa.exe

========== Modules (No Company Name) ==========

MOD - [2013/11/28 13:15:40 | 002,149,376 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13112801\algo.dll
MOD - [2013/11/26 07:53:40 | 002,147,840 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13112600\algo.dll
MOD - [2013/11/17 17:44:54 | 003,363,952 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/11/04 20:55:30 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\dtupdate.exe
MOD - [2013/11/04 11:08:56 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/10/02 08:04:55 | 000,142,360 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\SiteSafety.dll
MOD - [2013/10/02 08:04:48 | 002,404,376 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
MOD - [2013/06/20 16:35:40 | 000,172,032 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\css_core.dll
MOD - [2012/06/13 20:35:10 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_21fda135\system.drawing.dll
MOD - [2012/06/13 20:33:38 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_e287bc6c\system.windows.forms.dll
MOD - [2012/06/13 20:27:39 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2012/06/05 10:49:18 | 000,465,672 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\sqlite3.dll
MOD - [2012/06/05 10:48:04 | 000,034,168 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\NFileCacheDBAccess.dll
MOD - [2012/06/05 10:47:56 | 000,045,408 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\NAdvLog.dll
MOD - [2012/06/05 10:47:38 | 000,128,368 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\LiveupdateTactics.dll
MOD - [2012/06/05 10:47:14 | 000,023,904 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\DbAccess.dll
MOD - [2012/03/11 11:07:38 | 000,159,744 | ---- | M] () -- C:\Program Files\Mega Codec Pack\Filters\Haali\mmfinfo.dll
MOD - [2012/01/16 21:43:31 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_9a182f46\mscorlib.dll
MOD - [2012/01/16 21:43:08 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_068dbfa5\system.xml.dll
MOD - [2012/01/16 21:42:26 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_4156815b\system.dll
MOD - [2012/01/16 21:41:45 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012/01/16 21:41:42 | 001,269,760 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2012/01/16 21:41:36 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2011/09/08 08:59:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Mega Codec Pack\Filters\Haali\mkunicode.dll
MOD - [2009/05/19 21:26:49 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2009/05/19 21:26:48 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2009/05/19 21:26:48 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2006/05/09 09:31:36 | 000,483,328 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\HWU8DD.exe
MOD - [2006/05/09 09:31:22 | 000,045,056 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\ZDWlan.dll
MOD - [2005/12/19 08:08:16 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2005/09/21 20:39:52 | 000,212,992 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\dot1x_dll.dll
MOD - [2004/08/10 06:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
MOD - [2004/06/30 16:12:12 | 000,077,824 | ---- | M] () -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\Security.dll
MOD - [2004/06/14 15:16:18 | 000,045,056 | ---- | M] () -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\InfoMyCa.exe
MOD - [2004/03/05 14:00:58 | 000,155,648 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\ssleay32.dll
MOD - [2004/03/05 14:00:26 | 000,827,392 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\libeay32.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\WLService.exe WUSB54GPv4.exe -- (WUSB54GPv4SVC)
SRV - [2013/11/19 17:58:30 | 000,181,064 | ---- | M] (Sysinternals) [On_Demand | Stopped] -- C:\WINDOWS\PSEXESVC.EXE -- (PSEXESVC)
SRV - [2013/11/17 17:44:54 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/10 14:28:41 | 001,987,588 | ---- | M] (NCH Software) [On_Demand | Stopped] -- C:\Program Files\NCH Software\ExpressInvoice\expressinvoice.exe -- (ExpressInvoiceService)
SRV - [2013/11/04 20:55:30 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\dtupdate.exe -- (DefaultTabUpdate)
SRV - [2013/11/04 11:08:48 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/11/01 10:39:16 | 003,641,896 | ---- | M] (NCH Software) [On_Demand | Stopped] -- C:\Program Files\NCH Software\ExpressAccounts\expressaccounts.exe -- (ExpressAccountsService)
SRV - [2013/10/08 16:59:21 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/02 08:04:43 | 001,734,680 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe -- (vToolbarUpdater17.0.12)
SRV - [2013/07/31 10:44:44 | 000,137,528 | ---- | M] (Motorola Mobility LLC) [Auto | Running] -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2012/06/05 10:48:30 | 000,087,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe -- (AOL ACS)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/11/07 11:09:04 | 000,403,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswsp.sys -- (aswSP)
DRV - [2013/11/04 11:09:00 | 000,178,304 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/11/04 11:09:00 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/11/04 11:08:59 | 000,774,392 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/11/04 11:08:59 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/11/04 11:08:59 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013/11/04 11:08:59 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/11/04 11:08:59 | 000,035,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/10/02 08:04:56 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/09/25 19:57:14 | 000,120,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2013/09/02 09:28:00 | 000,223,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/07/16 19:58:06 | 000,046,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2013/04/04 13:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/01/05 08:36:26 | 000,015,616 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2011/06/25 19:56:44 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\appliand.sys -- (appliandMP)
DRV - [2011/06/25 19:56:44 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\appliand.sys -- (appliand)
DRV - [2010/12/21 00:55:02 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/12/21 00:55:02 | 000,110,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdserd.sys -- (sscdserd)
DRV - [2010/12/21 00:55:02 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2010/12/21 00:55:02 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010/09/15 03:33:32 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/08/26 23:32:08 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/08/26 23:32:08 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010/08/26 23:32:08 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/08/26 23:32:08 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2009/11/11 21:46:32 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009/02/12 14:11:24 | 000,022,312 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rsdrv.sys -- (ElRawDisk)
DRV - [2007/06/27 08:05:52 | 000,053,184 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2007/06/27 08:04:14 | 000,071,488 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2006/09/22 20:56:40 | 001,681,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/08/17 07:55:16 | 000,044,544 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/07/27 13:24:28 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/11/02 12:24:42 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/10/28 10:38:18 | 000,402,432 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211BU.sys -- (ZD1211BU(Hawking)
DRV - [2005/07/14 17:58:14 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/05/27 08:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004/10/25 12:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - [2004/10/08 10:59:12 | 000,326,656 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL)
DRV - [2004/05/26 13:53:40 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X)
DRV - [2004/01/07 16:04:00 | 000,339,488 | ---- | M] (Cisco-Linksys, LLC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WUSB20XP.sys -- (PRISM_A02)
DRV - [2003/09/25 21:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2003/01/10 16:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)
DRV - [2002/10/15 21:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
DRV - [2002/07/17 07:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Aspi32.sys -- (ASPI32)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {DA2AA864-2827-4BF0-A122-1E09EED913B4}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3298566
IE - HKCU\..\URLSearchHook: {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - C:\Program Files\MixiDJ_V30\prxtbMixi.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {DA2AA864-2827-4BF0-A122-1E09EED913B4}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{1959E2EA-7EE4-444D-AB03-9E3D92DC6CC2}: "URL" = http://search.condui...q={searchTerms}
IE - HKCU\..\SearchScopes\{47E12407-042F-40B8-A88A-39B781032C47}: "URL" = http://search.aol.co...ionType=msie70a
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg....fr&d=2013-09-02 21:57:47&v=17.0.1.12&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{D22F180B-D74E-42C0-A82C-2C7DBA93B523}: "URL" = http://search.yahoo....45,20028,0,70,0
IE - HKCU\..\SearchScopes\{DA2AA864-2827-4BF0-A122-1E09EED913B4}: "URL" = http://search.condui...8325511870&UM=2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..CT3298566.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultenginename: "MixiDJ V30 Customized Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V30 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "w3i&type=W3i_DS,157,0_0,Search,20131145,20030,0,70,0"
FF - prefs.js..browser.search.selectedEngine: "MixiDJ V30 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://clemson.scout...1-Laurel-Creek"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2006.53
FF - prefs.js..extensions.enabledAddons: %7B1122b43d-30ee-403f-9bfa-3cc99b0caddd%7D:10.22.5.510
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - prefs.js..keyword.URL: "http://search.condui...661315&UM=2&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Jerry\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Jerry\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/02 21:12:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar\FireFoxExt\17.0.1.12 [2013/10/02 08:10:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/11/04 11:09:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/17 17:43:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/17 17:43:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Jerry\Application Data\Move Networks [2009/12/27 23:37:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/02 21:12:28 | 000,000,000 | ---D | M]

[2009/06/15 15:47:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Extensions
[2013/11/20 19:45:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions
[2013/11/20 19:45:00 | 000,000,000 | ---D | M] (MixiDJ V30) -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{1122b43d-30ee-403f-9bfa-3cc99b0caddd}
[2013/11/04 20:51:51 | 000,000,997 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\searchplugins\conduit.xml
[2013/11/17 17:43:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/11/17 17:45:02 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/04 11:09:01 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/03/28 01:04:52 | 000,124,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll
[2012/03/28 01:06:54 | 000,071,104 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2012/03/28 01:05:52 | 000,092,096 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2012/03/28 01:05:28 | 000,022,976 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2012/03/28 01:48:16 | 000,489,384 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2012/03/28 01:06:48 | 000,024,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2013/05/22 03:03:17 | 000,003,723 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\safeguard-secure-search.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage:
CHR - Extension: No name found = C:\Documents and Settings\Jerry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm\1.0.0.38\

O1 HOSTS File: ([2013/11/19 18:36:58 | 000,000,855 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O2 - BHO: (MixiDJ V30 Toolbar) - {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - C:\Program Files\MixiDJ_V30\prxtbMixi.dll (Conduit Ltd.)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.0.1.12\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O3 - HKLM\..\Toolbar: (MixiDJ V30 Toolbar) - {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - C:\Program Files\MixiDJ_V30\prxtbMixi.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.0.1.12\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (MixiDJ V30 Toolbar) - {1122B43D-30EE-403F-9BFA-3CC99B0CADDD} - C:\Program Files\MixiDJ_V30\prxtbMixi.dll (Conduit Ltd.)
O4 - HKLM..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\f896b87c-5fbd-4b86-a234-d6b1e05ab03b.exe (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\aol\1246745595\ee\aolsoftware.exe (AOL LLC)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKLM..\Run: [WUSB54GPv4] C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\InvokeSvc3.exe ()
O4 - HKCU..\Run: [MotoCast] C:\Program Files\Motorola Mobility\MotoCast\MotoLauncher.lnk ()
O4 - HKCU..\Run: [replay_telecorder_skype] C:\Program Files\Replay Telecorder for Skype\replay_telecorder_skype.exe (Applian Technologies Inc.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Program Files\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Hawking Wireless Utility.lnk = C:\Program Files\Hawking\HWU8DD\HWU8DD.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Value error. File not found
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} https://wimpro.cce.h...ads/sysinfo.cab (SysData Class)
O16 - DPF: {FC6703A7-5B7E-4f58-BE6D-2693AA3906AE} http://h30299.www3.h...hp.cab?1,0,0,94 (HP Content Update)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DBB19797-4C94-401C-9368-9219D9B431B7}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Jerry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jerry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/19 21:04:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/20 19:04:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Desktop\Lawn Service
[2013/11/19 20:19:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\MixiDJ_V30
[2013/11/19 19:23:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/11/19 19:14:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2013/11/19 17:54:27 | 000,181,064 | ---- | C] (Sysinternals) -- C:\WINDOWS\PSEXESVC.EXE
[2013/11/19 17:48:38 | 000,000,000 | ---D | C] -- C:\RegBackup
[2013/11/19 17:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com
[2013/11/19 17:37:53 | 000,000,000 | ---D | C] -- C:\Program Files\Tweaking.com
[2013/11/17 17:43:34 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/11/16 18:25:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jerry\Desktop\OTL.exe
[2013/11/10 14:30:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Start Menu\Programs\NCH Software Suite
[2013/11/10 14:30:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Start Menu\Programs\Business Related Programs
[2013/11/10 14:29:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite
[2013/11/10 14:29:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Business Related Programs
[2013/11/10 14:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2013/11/10 14:28:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Software
[2013/11/10 13:30:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/11/05 13:28:58 | 000,000,000 | ---D | C] -- C:\Program Files\GlobalMapper14
[2013/11/04 22:38:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\GlobalMapper
[2013/11/04 22:37:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Global Mapper
[2013/11/04 22:36:03 | 000,000,000 | ---D | C] -- C:\Program Files\GlobalMapper13
[2013/11/04 22:34:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\Downloaded Installations
[2013/11/04 21:59:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\FileViewPro
[2013/11/04 21:59:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IsolatedStorage
[2013/11/04 21:59:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\IsolatedStorage
[2013/11/04 21:55:18 | 000,000,000 | ---D | C] -- C:\Spacekace
[2013/11/04 21:48:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\gtk-2.0
[2013/11/04 21:39:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\My Documents\gegl-0.0
[2013/11/04 21:39:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\.gimp-2.6
[2013/11/04 21:10:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\AVAST Software
[2013/11/04 20:55:36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2013/11/04 20:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\defaulttab
[2013/11/04 20:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2013/11/04 20:52:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\MixiDJ_V30
[2013/11/04 20:52:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Conduit
[2013/11/04 20:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\MixiDJ_V30
[2013/11/04 20:52:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\Conduit
[2013/11/04 20:51:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\SearchProtect
[2013/11/04 20:37:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Fighters
[2013/11/04 20:35:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\images
[2013/11/04 20:35:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\css
[2013/11/04 20:35:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\modules
[2013/11/04 20:35:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\html
[2013/11/04 20:35:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\js
[2013/11/04 20:35:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WeCareReminder
[2013/11/04 20:29:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2013/11/04 12:06:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
[2013/11/04 12:06:39 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013/11/04 12:03:51 | 005,552,488 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Jerry\Desktop\spsetup123.exe
[2013/11/04 11:22:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\AVAST Software
[2013/11/04 11:09:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avast
[2013/11/04 11:09:10 | 000,057,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/11/04 11:09:08 | 000,403,440 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
[2013/11/04 11:09:07 | 000,774,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/11/04 11:09:07 | 000,070,384 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/11/04 11:09:07 | 000,035,656 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/11/04 11:09:06 | 000,054,832 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/11/04 11:09:02 | 000,269,216 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/11/04 11:08:57 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/11/04 11:07:51 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/11/04 11:06:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/11/04 10:45:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\AVG Secure Search
[2013/11/03 19:52:15 | 000,000,000 | ---D | C] -- C:\FRST
[2013/11/03 19:48:33 | 001,089,445 | ---- | C] (Farbar) -- C:\Documents and Settings\Jerry\Desktop\FRST.exe

========== Files - Modified Within 30 Days ==========

[2013/11/28 18:00:24 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/28 17:57:16 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/11/26 21:30:00 | 000,000,362 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/11/26 21:23:59 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/26 21:23:45 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_1013b_rmv.job
[2013/11/26 21:23:45 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_1013b_rel.job
[2013/11/26 21:23:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/26 20:41:02 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\Motorola Device Manager Engine.job
[2013/11/26 20:19:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/11/25 10:07:29 | 000,075,295 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\Jennifer's 11-25-13.pdf
[2013/11/24 18:33:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/11/20 17:54:09 | 000,002,359 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Global Mapper 14.lnk
[2013/11/20 17:22:47 | 000,000,884 | RHS- | M] () -- C:\Documents and Settings\Jerry\ntuser.pol
[2013/11/19 18:42:05 | 000,001,051 | ---- | M] () -- C:\temp327.bat
[2013/11/19 18:36:58 | 000,000,855 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/11/19 18:33:14 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/11/19 18:33:14 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/11/19 18:21:49 | 000,485,380 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/11/19 18:21:49 | 000,081,122 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/11/19 17:58:30 | 000,181,064 | ---- | M] (Sysinternals) -- C:\WINDOWS\PSEXESVC.EXE
[2013/11/19 17:40:55 | 000,001,812 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/11/16 22:46:03 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/11/16 18:25:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jerry\Desktop\OTL.exe
[2013/11/10 14:30:03 | 000,000,859 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Express Accounts.lnk
[2013/11/10 14:28:43 | 000,000,847 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Express Invoice.lnk
[2013/11/10 13:36:01 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/11/07 11:09:04 | 000,403,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
[2013/11/06 20:41:01 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\Motorola Device Manager Update.job
[2013/11/05 13:30:19 | 000,000,009 | ---- | M] () -- C:\WINDOWS\System32\PROTOCOL.INI
[2013/11/04 21:37:21 | 000,000,830 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/11/04 20:53:33 | 000,000,009 | ---- | M] () -- C:\END
[2013/11/04 12:06:49 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/11/04 12:04:25 | 005,552,488 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Jerry\Desktop\spsetup123.exe
[2013/11/04 11:45:12 | 002,799,296 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Jerry\Desktop\procexp.exe
[2013/11/04 11:38:38 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\Jerry\Desktop\VEW.exe
[2013/11/04 11:09:49 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/11/04 11:09:00 | 000,178,304 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/11/04 11:09:00 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/11/04 11:08:59 | 000,774,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/11/04 11:08:59 | 000,070,384 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/11/04 11:08:59 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/11/04 11:08:59 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/11/04 11:08:59 | 000,035,656 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/11/04 11:08:57 | 000,269,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/11/04 11:08:57 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/11/03 19:48:29 | 001,089,445 | ---- | M] (Farbar) -- C:\Documents and Settings\Jerry\Desktop\FRST.exe

========== Files Created - No Company Name ==========

[2013/11/25 10:07:28 | 000,075,295 | ---- | C] () -- C:\Documents and Settings\Jerry\Desktop\Jennifer's 11-25-13.pdf
[2013/11/19 18:42:05 | 000,001,051 | ---- | C] () -- C:\temp327.bat
[2013/11/19 17:40:55 | 000,001,812 | ---- | C] () -- C:\Documents and Settings\Jerry\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/11/10 14:30:03 | 000,000,859 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Express Accounts.lnk
[2013/11/10 14:30:00 | 000,000,865 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Express Accounts.lnk
[2013/11/10 14:28:43 | 000,000,853 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Express Invoice.lnk
[2013/11/10 14:28:43 | 000,000,847 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Express Invoice.lnk
[2013/11/10 13:36:00 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/11/10 13:35:50 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/11/05 22:37:08 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_1013b_rel.job
[2013/11/05 22:37:02 | 000,000,400 | ---- | C] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_1013b_rmv.job
[2013/11/05 13:30:19 | 000,002,359 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Global Mapper 14.lnk
[2013/11/04 22:37:07 | 000,000,009 | ---- | C] () -- C:\WINDOWS\System32\PROTOCOL.INI
[2013/11/04 20:55:39 | 000,000,884 | RHS- | C] () -- C:\Documents and Settings\Jerry\ntuser.pol
[2013/11/04 20:50:42 | 000,000,009 | ---- | C] () -- C:\END
[2013/11/04 20:35:21 | 000,000,830 | ---- | C] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/11/04 12:06:48 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/11/04 11:38:46 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Jerry\Desktop\VEW.exe
[2013/11/04 11:09:49 | 000,001,733 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/11/04 11:09:34 | 000,000,362 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/11/04 11:09:09 | 000,178,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/11/04 11:09:08 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/05/29 23:21:41 | 000,003,734 | ---- | C] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
[2013/02/19 12:52:54 | 000,000,028 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2013/01/05 08:36:26 | 000,015,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2012/10/25 17:07:28 | 003,973,120 | ---- | C] () -- C:\WINDOWS\System32\ffmpeg2.exe
[2012/04/15 22:44:21 | 000,001,008 | ---- | C] () -- C:\WINDOWS\hpomdl35.dat.temp
[2012/02/15 20:32:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/06 22:01:15 | 000,333,450 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/02/06 21:45:22 | 002,596,186 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-854245398-1844823847-682003330-1003-0.dat
[2012/02/06 19:38:25 | 000,000,744 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2011/12/27 20:25:51 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Jerry\Application Data\$_hpcst$.hpc
[2011/12/01 22:16:08 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Easy DVD Creator.INI
[2010/10/13 11:44:29 | 000,149,504 | ---- | C] () -- C:\Documents and Settings\Jerry\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/04 18:22:16 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Jerry\Local Settings\Application Data\fusioncache.dat
[2009/11/18 20:23:19 | 000,005,110 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xqkcebzs.dik

========== ZeroAccess Check ==========

[2009/05/19 20:59:51 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012/08/30 15:29:36 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/12/07 06:38:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anvsoft
[2013/01/03 22:06:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applian
[2013/11/04 11:07:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/01/28 09:53:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG January 2013 Campaign
[2013/07/01 15:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
[2013/10/21 17:29:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/11/01 14:33:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2010/10/19 13:21:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/10/20 08:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/11/04 20:52:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Conduit
[2013/11/04 20:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fighters
[2009/11/11 22:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Individual Software
[2013/11/04 21:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IsolatedStorage
[2013/11/04 09:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/05/13 14:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motorola
[2012/09/19 12:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NovaRad
[2012/05/10 20:46:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC1Data
[2012/10/30 21:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2009/10/01 21:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SkyGolf
[2013/06/05 20:38:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/11/04 20:35:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WeCareReminder
[2012/06/25 13:37:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/12/06 19:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wondershare
[2011/11/05 08:36:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Xilisoft
[2010/09/23 21:42:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/16 14:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2013/03/03 14:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Auslogics
[2013/11/04 11:22:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\AVAST Software
[2011/10/05 08:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\AVG
[2013/01/28 13:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\AVG SafeGuard toolbar
[2013/10/21 17:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\AVG2014
[2010/02/25 20:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Bytescout SWF To Video Scout
[2010/01/28 22:29:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/11/04 20:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\defaulttab
[2013/11/05 13:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\GlobalMapper
[2013/11/04 21:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\gtk-2.0
[2010/12/15 07:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\ICAClient
[2012/02/26 12:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\IDTrackerIII
[2009/11/11 22:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Individual Software
[2013/11/04 21:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\IsolatedStorage
[2009/06/08 20:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Leadertech
[2010/12/12 22:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Mobile Action
[2013/10/27 10:42:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\MotoCast
[2012/05/13 14:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Motorola
[2012/06/14 19:35:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Motorola Mobility
[2010/02/14 20:37:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Moyea
[2012/05/10 20:46:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\PCPro
[2011/12/07 06:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Photo DVD Slideshow
[2013/01/03 22:16:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Replay Media Catcher 4
[2012/05/13 12:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Samsung
[2013/11/04 20:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\SearchProtect
[2009/11/29 20:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Singlesnet
[2009/10/29 19:29:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\SkyGolf
[2010/02/14 22:56:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Smart SWF Converter
[2009/06/27 09:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Snapfish
[2013/10/16 19:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Spotify
[2012/11/01 09:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\TuneUp Software
[2012/05/24 08:02:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\UniTrunker
[2013/11/10 14:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\uTorrent
[2011/11/05 08:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Xilisoft

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\My Recordings:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Landen.dmsd:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\GomPlayer:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\GomEncoder:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Ask and Record Toolbar:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Aiseesoft Studio:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\Desktop\Pictures:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\Desktop\ACC Game:Roxio EMC Stream

< End of report >

#21
RKinner

Posted 02 December 2013 - 11:53 AM

Malware Expert

Expert
24,625 posts

Copy the text in the code box by highlighting and Ctrl + c


:OTL
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\avgidsshimx.sys -- (AVGIDSShim)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3298566
IE - HKCU\..\URLSearchHook: {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - C:\Program Files\MixiDJ_V30\prxtbMixi.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {DA2AA864-2827-4BF0-A122-1E09EED913B4}
IE - HKCU\..\SearchScopes\{1959E2EA-7EE4-444D-AB03-9E3D92DC6CC2}: "URL" = http://search.condui...q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg....fr&d=2013-09-02 21:57:47&v=17.0.1.12&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{D22F180B-D74E-42C0-A82C-2C7DBA93B523}: "URL" = http://search.yahoo....45,20028,0,70,0
IE - HKCU\..\SearchScopes\{DA2AA864-2827-4BF0-A122-1E09EED913B4}: "URL" = http://search.condui...8325511870&UM=2
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
FF - prefs.js..browser.search.defaultenginename: "MixiDJ V30 Customized Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V30 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&CUI=UN17349865072661315&UM=2&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "w3i&type=W3i_DS,157,0_0,Search,20131145,20030,0,70,0"
FF - prefs.js..browser.search.selectedEngine: "MixiDJ V30 Customized Web Search"
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar\FireFoxExt\17.0.1.12 [2013/10/02 08:10:06 | 000,000,000 | ---D | M]
[2013/11/04 20:51:51 | 000,000,997 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\searchplugins\conduit.xml
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.0.1.12\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.0.1.12\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG SafeGuard toolbar\vprot.exe ()

:files
sc stop avgtp /c
sc delete avgtp /c
sc stop Avgdiskx) /c
sc delete Avgdiskx) /c
sc stop Avglogx /c
sc delete Avglogx /c
C:\WINDOWS\system32\drivers\avgdiskx.sys 
C:\WINDOWS\system32\drivers\avglogx.sys
C:\WINDOWS\system32\drivers\avgtpx86.sys

:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]

then Double on OTL to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it into a reply.

How is it running now?

#22
shajoe44

Posted 16 December 2013 - 05:49 PM

Member

Topic Starter
Member
262 posts

I ran the fix as instructed but it did not create a log. I am also getting an annoying pop up when changing web pages. This started about 4 days ago.Other than that I may get an occasional script error, but very very seldom.

#23
RKinner

Posted 16 December 2013 - 07:52 PM

Malware Expert

Expert
24,625 posts

Run OTL, quickscan and post the log.

#24
shajoe44

Posted 17 December 2013 - 05:23 PM

Member

Topic Starter
Member
262 posts

OTL logfile created on: 12/17/2013 5:53:51 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Jerry\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.97 Mb Total Physical Memory | 152.21 Mb Available Physical Memory | 17.03% Memory free
2.12 Gb Paging File | 1.27 Gb Available in Paging File | 59.91% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 6.91 Gb Free Space | 9.28% Space Free | Partition Type: NTFS
Drive D: | 635.27 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: JERRY-1A1033F2B | User Name: Jerry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/17 17:44:57 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/11/16 18:25:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jerry\Desktop\OTL.exe
PRC - [2013/11/04 20:55:30 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\dtupdate.exe
PRC - [2013/11/04 11:08:48 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/11/04 11:08:48 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/10/02 08:04:43 | 001,734,680 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
PRC - [2013/09/15 08:18:10 | 001,104,384 | ---- | M] (Spotify Ltd) -- C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013/09/03 16:17:22 | 000,832,360 | ---- | M] (Spigot, Inc.) -- C:\Documents and Settings\Jerry\Application Data\Search Protection\SearchProtection.exe
PRC - [2013/07/31 10:44:44 | 000,137,528 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2013/07/31 10:38:20 | 000,698,680 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/06/05 10:48:30 | 000,087,400 | ---- | M] (Nero AG) -- C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
PRC - [2012/03/28 01:28:44 | 000,735,168 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2012/03/28 01:27:06 | 000,309,184 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/06/24 13:34:50 | 000,041,824 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\1246745595\ee\aolsoftware.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe
PRC - [2006/07/27 13:19:00 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/05/09 09:31:36 | 000,483,328 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\HWU8DD.exe
PRC - [2006/01/02 16:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005/07/19 16:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2004/06/14 15:16:18 | 000,045,056 | ---- | M] () -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\InfoMyCa.exe

========== Modules (No Company Name) ==========

MOD - [2013/12/16 14:06:23 | 002,152,448 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13121601\algo.dll
MOD - [2013/12/12 13:58:53 | 016,242,056 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013/11/17 17:44:54 | 003,363,952 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/11/04 20:55:30 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\dtupdate.exe
MOD - [2013/11/04 11:08:56 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/06/20 16:35:40 | 000,172,032 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\css_core.dll
MOD - [2013/01/02 01:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2012/06/13 20:35:10 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_21fda135\system.drawing.dll
MOD - [2012/06/13 20:33:38 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_e287bc6c\system.windows.forms.dll
MOD - [2012/06/13 20:27:39 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2012/06/05 10:49:18 | 000,465,672 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\sqlite3.dll
MOD - [2012/06/05 10:48:04 | 000,034,168 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\NFileCacheDBAccess.dll
MOD - [2012/06/05 10:47:56 | 000,045,408 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\NAdvLog.dll
MOD - [2012/06/05 10:47:38 | 000,128,368 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\LiveupdateTactics.dll
MOD - [2012/06/05 10:47:14 | 000,023,904 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\DbAccess.dll
MOD - [2012/01/16 21:43:31 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_9a182f46\mscorlib.dll
MOD - [2012/01/16 21:43:08 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_068dbfa5\system.xml.dll
MOD - [2012/01/16 21:42:26 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_4156815b\system.dll
MOD - [2012/01/16 21:41:45 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012/01/16 21:41:42 | 001,269,760 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2012/01/16 21:41:36 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2009/05/19 21:26:49 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2009/05/19 21:26:48 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2009/05/19 21:26:48 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2006/05/09 09:31:36 | 000,483,328 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\HWU8DD.exe
MOD - [2006/05/09 09:31:22 | 000,045,056 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\ZDWlan.dll
MOD - [2005/12/19 08:08:16 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2005/09/21 20:39:52 | 000,212,992 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\dot1x_dll.dll
MOD - [2004/06/30 16:12:12 | 000,077,824 | ---- | M] () -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\Security.dll
MOD - [2004/06/14 15:16:18 | 000,045,056 | ---- | M] () -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\InfoMyCa.exe
MOD - [2004/03/05 14:00:58 | 000,155,648 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\ssleay32.dll
MOD - [2004/03/05 14:00:26 | 000,827,392 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\libeay32.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\WLService.exe WUSB54GPv4.exe -- (WUSB54GPv4SVC)
SRV - [2013/12/12 13:59:00 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/19 17:58:30 | 000,181,064 | ---- | M] (Sysinternals) [On_Demand | Stopped] -- C:\WINDOWS\PSEXESVC.EXE -- (PSEXESVC)
SRV - [2013/11/17 17:44:54 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/10 14:28:41 | 001,987,588 | ---- | M] (NCH Software) [On_Demand | Stopped] -- C:\Program Files\NCH Software\ExpressInvoice\expressinvoice.exe -- (ExpressInvoiceService)
SRV - [2013/11/04 20:55:30 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\dtupdate.exe -- (DefaultTabUpdate)
SRV - [2013/11/04 11:08:48 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/11/01 10:39:16 | 003,641,896 | ---- | M] (NCH Software) [On_Demand | Stopped] -- C:\Program Files\NCH Software\ExpressAccounts\expressaccounts.exe -- (ExpressAccountsService)
SRV - [2013/10/02 08:04:43 | 001,734,680 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe -- (vToolbarUpdater17.0.12)
SRV - [2013/07/31 10:44:44 | 000,137,528 | ---- | M] (Motorola Mobility LLC) [Auto | Running] -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2012/06/05 10:48:30 | 000,087,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe -- (AOL ACS)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [File_System | System | Stopped] -- system32\DRIVERS\avgdiskx.sys -- (Avgdiskx)
DRV - [2013/11/07 11:09:04 | 000,403,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswsp.sys -- (aswSP)
DRV - [2013/11/04 11:09:00 | 000,178,304 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/11/04 11:09:00 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/11/04 11:08:59 | 000,774,392 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/11/04 11:08:59 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/11/04 11:08:59 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013/11/04 11:08:59 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/11/04 11:08:59 | 000,035,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/07/16 19:58:06 | 000,046,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2013/04/04 13:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/01/05 08:36:26 | 000,015,616 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2011/06/25 19:56:44 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\appliand.sys -- (appliandMP)
DRV - [2011/06/25 19:56:44 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\appliand.sys -- (appliand)
DRV - [2010/12/21 00:55:02 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/12/21 00:55:02 | 000,110,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdserd.sys -- (sscdserd)
DRV - [2010/12/21 00:55:02 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2010/12/21 00:55:02 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010/09/15 03:33:32 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/08/26 23:32:08 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/08/26 23:32:08 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010/08/26 23:32:08 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/08/26 23:32:08 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2009/11/11 21:46:32 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009/02/12 14:11:24 | 000,022,312 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rsdrv.sys -- (ElRawDisk)
DRV - [2007/06/27 08:05:52 | 000,053,184 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2007/06/27 08:04:14 | 000,071,488 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2006/09/22 20:56:40 | 001,681,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/08/17 07:55:16 | 000,044,544 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/07/27 13:24:28 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/11/02 12:24:42 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/10/28 10:38:18 | 000,402,432 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211BU.sys -- (ZD1211BU(Hawking)
DRV - [2005/07/14 17:58:14 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/05/27 08:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004/10/25 12:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - [2004/10/08 10:59:12 | 000,326,656 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL)
DRV - [2004/05/26 13:53:40 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X)
DRV - [2004/01/07 16:04:00 | 000,339,488 | ---- | M] (Cisco-Linksys, LLC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WUSB20XP.sys -- (PRISM_A02)
DRV - [2003/09/25 21:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2003/01/10 16:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)
DRV - [2002/10/15 21:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
DRV - [2002/07/17 07:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Aspi32.sys -- (ASPI32)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {DA2AA864-2827-4BF0-A122-1E09EED913B4}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\..\URLSearchHook: {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {759BB39F-A003-44DD-8EA1-CBB5CB06786E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{47E12407-042F-40B8-A88A-39B781032C47}: "URL" = http://search.aol.co...ionType=msie70a
IE - HKCU\..\SearchScopes\{759BB39F-A003-44DD-8EA1-CBB5CB06786E}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..CT3298566.browser.search.defaultthis.engineName: "true"
FF - prefs.js..CT3306061.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Connect DLC 5 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=714647"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://edgefielddaily.com/"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2006.53
FF - prefs.js..extensions.enabledAddons: %7BB21F5E31-B8E8-41CD-B74C-168A71A10E49%7D:1.0.0
FF - prefs.js..extensions.enabledAddons: %7B1122b43d-30ee-403f-9bfa-3cc99b0caddd%7D:10.23.0.822
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - prefs.js..keyword.URL: "http://search.condui...661315&UM=2&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Jerry\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Jerry\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/02 21:12:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/11/04 11:09:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/17 17:43:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/17 17:43:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Jerry\Application Data\Move Networks [2009/12/27 23:37:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/02 21:12:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}: C:\Documents and Settings\Jerry\Local Settings\Application Data\GreatArcadeHits\gahff.xpi [2013/12/10 13:11:54 | 000,010,198 | ---- | M] ()

[2009/06/15 15:47:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Extensions
[2013/12/12 13:51:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions
[2013/12/12 13:51:52 | 000,000,000 | ---D | M] (MixiDJ V30) -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{1122b43d-30ee-403f-9bfa-3cc99b0caddd}
[2013/12/12 10:00:22 | 000,000,000 | ---D | M] (Connect DLC 5) -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}
[2013/12/17 16:58:23 | 000,000,915 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\searchplugins\yahoo.xml
[2013/11/17 17:43:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/11/17 17:45:02 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/12/10 13:11:54 | 000,010,198 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\JERRY\LOCAL SETTINGS\APPLICATION DATA\GREATARCADEHITS\GAHFF.XPI
[2013/11/04 11:09:01 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/03/28 01:04:52 | 000,124,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll
[2012/03/28 01:06:54 | 000,071,104 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2012/03/28 01:05:52 | 000,092,096 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2012/03/28 01:05:28 | 000,022,976 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2012/03/28 01:48:16 | 000,489,384 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2012/03/28 01:06:48 | 000,024,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2013/05/22 03:03:17 | 000,003,723 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\safeguard-secure-search.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage:
CHR - homepage: http://search.yahoo....r=spigot-yhp-ch
CHR - Extension: No name found = C:\Documents and Settings\Jerry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm\1.0.0.38\
CHR - Extension: No name found = C:\Documents and Settings\Jerry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\

O1 HOSTS File: ([2013/11/19 18:36:58 | 000,000,855 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - No CLSID value found.
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Related Searches) - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\Apps\RelatedLinksBHO.dll (Search Results)
O2 - BHO: (GreatArcadeHits Add-on) - {D0C21091-FF8E-432C-9006-0540E81BA9D7} - C:\Documents and Settings\Jerry\Local Settings\Application Data\GreatArcadeHits\GreatArcadeHitsIE.dll (GreatArcadeHits)
O2 - BHO: (Connect DLC 5 Toolbar) - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O3 - HKLM\..\Toolbar: (no name) - {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Related Searches) - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\Apps\RelatedLinksBHO.dll (Search Results)
O3 - HKLM\..\Toolbar: (Connect DLC 5 Toolbar) - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1122B43D-30EE-403F-9BFA-3CC99B0CADDD} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Connect DLC 5 Toolbar) - {D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC} - C:\Program Files\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
O4 - HKLM..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\f896b87c-5fbd-4b86-a234-d6b1e05ab03b.exe (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\aol\1246745595\ee\aolsoftware.exe (AOL LLC)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [WUSB54GPv4] C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\InvokeSvc3.exe ()
O4 - HKCU..\Run: [MotoCast] C:\Program Files\Motorola Mobility\MotoCast\MotoLauncher.lnk ()
O4 - HKCU..\Run: [replay_telecorder_skype] C:\Program Files\Replay Telecorder for Skype\replay_telecorder_skype.exe (Applian Technologies Inc.)
O4 - HKCU..\Run: [SearchProtection] C:\Documents and Settings\Jerry\Application Data\Search Protection\SearchProtection.EXE (Spigot, Inc.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Program Files\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Hawking Wireless Utility.lnk = C:\Program Files\Hawking\HWU8DD\HWU8DD.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Value error. File not found
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} https://wimpro.cce.h...ads/sysinfo.cab (SysData Class)
O16 - DPF: {FC6703A7-5B7E-4f58-BE6D-2693AA3906AE} http://h30299.www3.h...hp.cab?1,0,0,94 (HP Content Update)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DBB19797-4C94-401C-9368-9219D9B431B7}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Jerry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jerry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/19 21:04:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/12/17 17:14:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2013/12/16 18:29:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/12/13 19:37:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Desktop\Jan 2014 ERT
[2013/12/13 18:06:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\Search Protection
[2013/12/10 13:11:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\GreatArcadeHits
[2013/12/10 09:34:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\Connect_DLC_5
[2013/12/10 09:34:10 | 000,000,000 | ---D | C] -- C:\Program Files\Connect_DLC_5
[2013/12/10 09:23:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Desktop\Hard Drive
[2013/11/20 19:04:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Desktop\Lawn Service
[2013/11/19 20:19:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\MixiDJ_V30
[2013/11/19 19:23:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/11/19 19:14:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2013/11/19 17:54:27 | 000,181,064 | ---- | C] (Sysinternals) -- C:\WINDOWS\PSEXESVC.EXE
[2013/11/19 17:48:38 | 000,000,000 | ---D | C] -- C:\RegBackup
[2013/11/19 17:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com
[2013/11/19 17:37:53 | 000,000,000 | ---D | C] -- C:\Program Files\Tweaking.com

========== Files - Modified Within 30 Days ==========

[2013/12/17 18:06:02 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/17 17:57:05 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/12/17 17:53:41 | 000,001,108 | RHS- | M] () -- C:\Documents and Settings\Jerry\ntuser.pol
[2013/12/17 17:14:28 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2013/12/16 18:41:05 | 000,000,362 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/12/16 18:35:35 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/16 18:35:31 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_1013b_rmv.job
[2013/12/16 18:35:31 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_1013b_rel.job
[2013/12/16 18:35:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/12/15 20:41:01 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\Motorola Device Manager Engine.job
[2013/12/13 19:52:32 | 000,150,016 | ---- | M] () -- C:\Documents and Settings\Jerry\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/12/13 18:11:22 | 000,001,633 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\Replay Video Capture 6.lnk
[2013/12/13 18:09:59 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/12/13 18:06:06 | 000,000,806 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013/12/13 18:06:05 | 000,000,828 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\µTorrent.lnk
[2013/12/13 10:43:16 | 000,341,832 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/12/13 10:38:36 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/12/10 09:34:37 | 000,000,009 | ---- | M] () -- C:\END
[2013/11/26 20:19:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/11/20 17:54:09 | 000,002,359 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Global Mapper 14.lnk
[2013/11/19 18:42:05 | 000,001,051 | ---- | M] () -- C:\temp327.bat
[2013/11/19 18:36:58 | 000,000,855 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/11/19 18:33:14 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/11/19 18:33:14 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/11/19 18:21:49 | 000,485,380 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/11/19 18:21:49 | 000,081,122 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/11/19 17:58:30 | 000,181,064 | ---- | M] (Sysinternals) -- C:\WINDOWS\PSEXESVC.EXE
[2013/11/19 17:40:55 | 000,001,812 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\Tweaking.com - Windows Repair (All in One).lnk

========== Files Created - No Company Name ==========

[2013/12/17 17:14:28 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2013/12/13 18:06:05 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\Jerry\Desktop\µTorrent.lnk
[2013/11/19 18:42:05 | 000,001,051 | ---- | C] () -- C:\temp327.bat
[2013/11/19 17:40:55 | 000,001,812 | ---- | C] () -- C:\Documents and Settings\Jerry\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/11/04 22:37:07 | 000,000,009 | ---- | C] () -- C:\WINDOWS\System32\PROTOCOL.INI
[2013/11/04 20:55:39 | 000,001,108 | RHS- | C] () -- C:\Documents and Settings\Jerry\ntuser.pol
[2013/11/04 11:09:09 | 000,178,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/11/04 11:09:08 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/05/29 23:21:41 | 000,003,734 | ---- | C] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
[2013/02/19 12:52:54 | 000,000,028 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2013/01/05 08:36:26 | 000,015,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2012/10/25 17:07:28 | 003,973,120 | ---- | C] () -- C:\WINDOWS\System32\ffmpeg2.exe
[2012/04/15 22:44:21 | 000,001,008 | ---- | C] () -- C:\WINDOWS\hpomdl35.dat.temp
[2012/02/15 20:32:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/06 22:01:15 | 000,333,450 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/02/06 21:45:22 | 002,596,186 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-854245398-1844823847-682003330-1003-0.dat
[2012/02/06 19:38:25 | 000,000,744 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2011/12/27 20:25:51 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Jerry\Application Data\$_hpcst$.hpc
[2010/10/13 11:44:29 | 000,150,016 | ---- | C] () -- C:\Documents and Settings\Jerry\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/04 18:22:16 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Jerry\Local Settings\Application Data\fusioncache.dat
[2009/11/18 20:23:19 | 000,005,110 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xqkcebzs.dik

========== ZeroAccess Check ==========

[2009/05/19 20:59:51 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012/08/30 15:29:36 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/12/07 06:38:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anvsoft
[2013/01/03 22:06:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applian
[2013/11/04 11:07:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/01/28 09:53:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG January 2013 Campaign
[2013/07/01 15:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
[2013/10/21 17:29:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/11/01 14:33:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2010/10/19 13:21:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/10/20 08:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/12/10 09:34:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Conduit
[2013/11/04 20:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fighters
[2009/11/11 22:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Individual Software
[2013/11/04 21:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IsolatedStorage
[2013/11/04 09:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/05/13 14:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motorola
[2012/09/19 12:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NovaRad
[2012/05/10 20:46:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC1Data
[2012/10/30 21:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2009/10/01 21:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SkyGolf
[2013/06/05 20:38:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/11/04 20:35:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WeCareReminder
[2012/06/25 13:37:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/12/06 19:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wondershare
[2011/11/05 08:36:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Xilisoft
[2010/09/23 21:42:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/16 14:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2013/03/03 14:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Auslogics
[2013/11/04 11:22:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\AVAST Software
[2011/10/05 08:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\AVG
[2013/01/28 13:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\AVG SafeGuard toolbar
[2013/10/21 17:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\AVG2014
[2010/02/25 20:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Bytescout SWF To Video Scout
[2010/01/28 22:29:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/11/04 20:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\defaulttab
[2013/11/05 13:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\GlobalMapper
[2013/11/04 21:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\gtk-2.0
[2010/12/15 07:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\ICAClient
[2012/02/26 12:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\IDTrackerIII
[2009/11/11 22:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Individual Software
[2013/11/04 21:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\IsolatedStorage
[2009/06/08 20:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Leadertech
[2010/12/12 22:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Mobile Action
[2013/10/27 10:42:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\MotoCast
[2012/05/13 14:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Motorola
[2012/06/14 19:35:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Motorola Mobility
[2010/02/14 20:37:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Moyea
[2012/05/10 20:46:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\PCPro
[2011/12/07 06:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Photo DVD Slideshow
[2013/01/03 22:16:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Replay Media Catcher 4
[2012/05/13 12:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Samsung
[2013/12/13 18:06:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Search Protection
[2013/11/04 20:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\SearchProtect
[2009/11/29 20:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Singlesnet
[2009/10/29 19:29:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\SkyGolf
[2010/02/14 22:56:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Smart SWF Converter
[2009/06/27 09:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Snapfish
[2013/10/16 19:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Spotify
[2012/11/01 09:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\TuneUp Software
[2012/05/24 08:02:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\UniTrunker
[2013/12/13 18:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\uTorrent
[2011/11/05 08:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Xilisoft

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\My Recordings:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Landen.dmsd:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\GomPlayer:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\GomEncoder:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Ask and Record Toolbar:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Aiseesoft Studio:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\Desktop\Pictures:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\Desktop\ACC Game:Roxio EMC Stream

< End of report >

#25
RKinner

Posted 17 December 2013 - 06:07 PM

Malware Expert

Expert
24,625 posts

Copy the text in the code box by highlighting and Ctrl + c


:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {DA2AA864-2827-4BF0-A122-1E09EED913B4}
IE - HKCU\..\URLSearchHook: {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
FF - prefs.js..browser.search.defaultthis.engineName: "Connect DLC 5 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3306061&CUI=UN18299223932013254&UM=2&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&SearchSource=2&CUI=UN17349865072661315&UM=2&q="
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}: C:\Documents and Settings\Jerry\Local Settings\Application Data\GreatArcadeHits\gahff.xpi [2013/12/10 13:11:54 | 000,010,198 | ---- | M] ()
[2013/12/12 10:00:22 | 000,000,000 | ---D | M] (Connect DLC 5) -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}
[2013/12/10 13:11:54 | 000,010,198 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\JERRY\LOCAL SETTINGS\APPLICATION DATA\GREATARCADEHITS\GAHFF.XPI
[2013/05/22 03:03:17 | 000,003,723 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\safeguard-secure-search.xml
O2 - BHO: (no name) - {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - No CLSID value found.
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (Related Searches) - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\Apps\RelatedLinksBHO.dll (Search Results)
O2 - BHO: (GreatArcadeHits Add-on) - {D0C21091-FF8E-432C-9006-0540E81BA9D7} - C:\Documents and Settings\Jerry\Local Settings\Application Data\GreatArcadeHits\GreatArcadeHitsIE.dll (GreatArcadeHits)
O2 - BHO: (Connect DLC 5 Toolbar) - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O3 - HKLM\..\Toolbar: (no name) - {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Related Searches) - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\Apps\RelatedLinksBHO.dll (Search Results)
O3 - HKLM\..\Toolbar: (Connect DLC 5 Toolbar) - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1122B43D-30EE-403F-9BFA-3CC99B0CADDD} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Connect DLC 5 Toolbar) - {D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC} - C:\Program Files\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
O4 - HKCU..\Run: [SearchProtection] C:\Documents and Settings\Jerry\Application Data\Search Protection\SearchProtection.EXE (Spigot, Inc.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Program Files\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Value error. File not found
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
[2013/12/16 18:35:31 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_1013b_rmv.job
[2013/12/16 18:35:31 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_1013b_rel.job

:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]

#26
shajoe44

Posted 17 December 2013 - 06:40 PM

Member

Topic Starter
Member
262 posts

========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\ deleted successfully.
C:\Program Files\Connect_DLC_5\prxtbConn.dll moved successfully.
Prefs.js: "Connect DLC 5 Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.condui...={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "" removed from browser.search.order.1
Prefs.js: "" removed from browser.search.order.2
Prefs.js: "http://search.condui...661315&UM=2&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin\ deleted successfully.
File move failed. C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2\ deleted successfully.
C:\WINDOWS\system32\npDeployJava1.dll moved successfully.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{B21F5E31-B8E8-41CD-B74C-168A71A10E49} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\ not found.
File C:\Documents and Settings\Jerry\Local Settings\Application Data\GreatArcadeHits\gahff.xpi [2013/12/10 13:11:54 | 000,010,198 | ---- | M] not found.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Plugins folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\modules folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\META-INF folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\lib folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\defaults\preferences folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\defaults folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\components\mam folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\components folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\mam\content folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\mam folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\sl folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\lib\jquery.jscrollpane folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\lib\jquery.alerts\images folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\lib\jquery.alerts folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\lib folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\core folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\WEATHER\js folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\WEATHER\css folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\WEATHER folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\TWITTER\js folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\TWITTER\img folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\TWITTER folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\SEARCH\view folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\SEARCH\js folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\SEARCH folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\images folder moved successfully.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css scheduled to be moved on reboot.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG scheduled to be moved on reboot.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\Optimizer\js folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\Optimizer folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\NOTIFICATION\css folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\MULTI_RSS\css folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON\resources scheduled to be moved on reboot.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa scheduled to be moved on reboot.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\ui\menu\js folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\ui\menu\img folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\ui\menu\css folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\ui\menu folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\ui\gf\js folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\ui\gf\img folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\ui\gf\css folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\ui\gf folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\ui\gadgetFrame folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\ui\dlg\ftd folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\ui\dlg folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\ui folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\sp\spsd\images folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\sp\spsd folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\sp\spbd\images folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\sp\spbd folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\sp\js folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\sp folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\options\js\resources folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\options\js folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\options\images folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\options\css folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\options folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\msd folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\api folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\ac\res folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\ac\img folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\ac\css folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\ac folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\aboutBox\js folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\aboutBox\images folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\aboutBox folder moved successfully.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb scheduled to be moved on reboot.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\logic\uninstall\dialog\js folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\logic\uninstall\dialog\images folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\logic\uninstall\dialog\css folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\logic\uninstall\dialog folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\logic\uninstall folder moved successfully.
C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\logic folder moved successfully.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061 scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} scheduled to be moved on reboot.
C:\Documents and Settings\Jerry\Local Settings\Application Data\GreatArcadeHits\gahff.xpi moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\safeguard-secure-search.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1122b43d-30ee-403f-9bfa-3cc99b0caddd}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1122b43d-30ee-403f-9bfa-3cc99b0caddd}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}\ deleted successfully.
C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\DefaultTabBHO.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}\ deleted successfully.
C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\Apps\RelatedLinksBHO.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0C21091-FF8E-432C-9006-0540E81BA9D7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0C21091-FF8E-432C-9006-0540E81BA9D7}\ deleted successfully.
C:\Documents and Settings\Jerry\Local Settings\Application Data\GreatArcadeHits\GreatArcadeHitsIE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\ not found.
File C:\Program Files\Connect_DLC_5\prxtbConn.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}\ deleted successfully.
C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1122b43d-30ee-403f-9bfa-3cc99b0caddd} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1122b43d-30ee-403f-9bfa-3cc99b0caddd}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}\ not found.
File C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\Apps\RelatedLinksBHO.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\ not found.
File C:\Program Files\Connect_DLC_5\prxtbConn.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1122B43D-30EE-403F-9BFA-3CC99B0CADDD} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1122B43D-30EE-403F-9BFA-3CC99B0CADDD}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}\ not found.
File C:\Program Files\Connect_DLC_5\prxtbConn.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtection deleted successfully.
C:\Documents and Settings\Jerry\Application Data\Search Protection\SearchProtection.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper deleted successfully.
C:\Program Files\Spotify\Data\SpotifyWebHelper.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{DDE87865-83C5-48c4-8357-2F5B1AA84522}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DDE87865-83C5-48c4-8357-2F5B1AA84522}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aol.com\objects\ deleted successfully.
C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol\ deleted successfully.
Invalid CLSID key: C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll
File C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll not found.
C:\WINDOWS\tasks\AVG-Secure-Search-Update_1013b_rmv.job moved successfully.
C:\WINDOWS\tasks\AVG-Secure-Search-Update_1013b_rel.job moved successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users
->Flash cache emptied: 0 bytes

User: Default User

User: Jerry
->Flash cache emptied: 3025 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0.00 mb

[EMPTYJAVA]

User: All Users

User: Default User

User: Jerry
->Java cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 12172013_192936

Files\Folders moved on Reboot...
File move failed. C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON\resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON\resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON\resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON\resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON\resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON\resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON\resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061 scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON\resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061 scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER\css scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css\custom-theme scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG\css scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\PRICE_GONG scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON\resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa\APPLICATION_BUTTON scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al\wa scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content\tb scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061\content scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome\CT3306061 scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\Chrome scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#27
RKinner

Posted 17 December 2013 - 06:49 PM

Malware Expert

Expert
24,625 posts

OK. One more OTL Quickscan.

#28
shajoe44

Posted 17 December 2013 - 07:21 PM

Member

Topic Starter
Member
262 posts

OTL logfile created on: 12/17/2013 7:57:44 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Jerry\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.97 Mb Total Physical Memory | 139.68 Mb Available Physical Memory | 15.62% Memory free
2.12 Gb Paging File | 1.37 Gb Available in Paging File | 64.95% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 7.01 Gb Free Space | 9.40% Space Free | Partition Type: NTFS
Drive D: | 635.27 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: JERRY-1A1033F2B | User Name: Jerry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/17 17:44:57 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/11/16 18:25:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jerry\Desktop\OTL.exe
PRC - [2013/11/04 20:55:30 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\dtupdate.exe
PRC - [2013/11/04 11:08:48 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/11/04 11:08:48 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/10/02 08:04:43 | 001,734,680 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
PRC - [2013/07/31 10:44:44 | 000,137,528 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2013/07/31 10:38:20 | 000,698,680 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/06/05 10:48:30 | 000,087,400 | ---- | M] (Nero AG) -- C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
PRC - [2012/03/28 01:28:44 | 000,735,168 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2012/03/28 01:27:06 | 000,309,184 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/06/24 13:34:50 | 000,041,824 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\1246745595\ee\aolsoftware.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe
PRC - [2006/07/27 13:19:00 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/05/09 09:31:36 | 000,483,328 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\HWU8DD.exe
PRC - [2006/01/02 16:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005/07/19 16:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2004/06/14 15:16:18 | 000,045,056 | ---- | M] () -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\InfoMyCa.exe

========== Modules (No Company Name) ==========

MOD - [2013/12/17 15:33:38 | 002,152,448 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13121701\algo.dll
MOD - [2013/12/12 13:58:53 | 016,242,056 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013/11/17 17:44:54 | 003,363,952 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/11/04 20:55:30 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\dtupdate.exe
MOD - [2013/11/04 11:08:56 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/06/20 16:35:40 | 000,172,032 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\css_core.dll
MOD - [2012/06/13 20:35:10 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_21fda135\system.drawing.dll
MOD - [2012/06/13 20:33:38 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_e287bc6c\system.windows.forms.dll
MOD - [2012/06/13 20:27:39 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2012/06/05 10:49:18 | 000,465,672 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\sqlite3.dll
MOD - [2012/06/05 10:48:04 | 000,034,168 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\NFileCacheDBAccess.dll
MOD - [2012/06/05 10:47:56 | 000,045,408 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\NAdvLog.dll
MOD - [2012/06/05 10:47:38 | 000,128,368 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\LiveupdateTactics.dll
MOD - [2012/06/05 10:47:14 | 000,023,904 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\DbAccess.dll
MOD - [2012/01/16 21:43:31 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_9a182f46\mscorlib.dll
MOD - [2012/01/16 21:43:08 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_068dbfa5\system.xml.dll
MOD - [2012/01/16 21:42:26 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_4156815b\system.dll
MOD - [2012/01/16 21:41:45 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012/01/16 21:41:42 | 001,269,760 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2012/01/16 21:41:36 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2009/05/19 21:26:49 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2009/05/19 21:26:48 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2009/05/19 21:26:48 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2006/05/09 09:31:36 | 000,483,328 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\HWU8DD.exe
MOD - [2006/05/09 09:31:22 | 000,045,056 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\ZDWlan.dll
MOD - [2005/12/19 08:08:16 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2005/09/21 20:39:52 | 000,212,992 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\dot1x_dll.dll
MOD - [2004/06/30 16:12:12 | 000,077,824 | ---- | M] () -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\Security.dll
MOD - [2004/06/14 15:16:18 | 000,045,056 | ---- | M] () -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\InfoMyCa.exe
MOD - [2004/03/05 14:00:58 | 000,155,648 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\ssleay32.dll
MOD - [2004/03/05 14:00:26 | 000,827,392 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\libeay32.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\WLService.exe WUSB54GPv4.exe -- (WUSB54GPv4SVC)
SRV - [2013/12/12 13:59:00 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/19 17:58:30 | 000,181,064 | ---- | M] (Sysinternals) [On_Demand | Stopped] -- C:\WINDOWS\PSEXESVC.EXE -- (PSEXESVC)
SRV - [2013/11/17 17:44:54 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/10 14:28:41 | 001,987,588 | ---- | M] (NCH Software) [On_Demand | Stopped] -- C:\Program Files\NCH Software\ExpressInvoice\expressinvoice.exe -- (ExpressInvoiceService)
SRV - [2013/11/04 20:55:30 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\dtupdate.exe -- (DefaultTabUpdate)
SRV - [2013/11/04 11:08:48 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/11/01 10:39:16 | 003,641,896 | ---- | M] (NCH Software) [On_Demand | Stopped] -- C:\Program Files\NCH Software\ExpressAccounts\expressaccounts.exe -- (ExpressAccountsService)
SRV - [2013/10/02 08:04:43 | 001,734,680 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe -- (vToolbarUpdater17.0.12)
SRV - [2013/07/31 10:44:44 | 000,137,528 | ---- | M] (Motorola Mobility LLC) [Auto | Running] -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2012/06/05 10:48:30 | 000,087,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe -- (AOL ACS)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [File_System | System | Stopped] -- system32\DRIVERS\avgdiskx.sys -- (Avgdiskx)
DRV - [2013/11/07 11:09:04 | 000,403,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswsp.sys -- (aswSP)
DRV - [2013/11/04 11:09:00 | 000,178,304 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/11/04 11:09:00 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/11/04 11:08:59 | 000,774,392 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/11/04 11:08:59 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/11/04 11:08:59 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013/11/04 11:08:59 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/11/04 11:08:59 | 000,035,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/07/16 19:58:06 | 000,046,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2013/04/04 13:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/01/05 08:36:26 | 000,015,616 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2011/06/25 19:56:44 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\appliand.sys -- (appliandMP)
DRV - [2011/06/25 19:56:44 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\appliand.sys -- (appliand)
DRV - [2010/12/21 00:55:02 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/12/21 00:55:02 | 000,110,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdserd.sys -- (sscdserd)
DRV - [2010/12/21 00:55:02 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2010/12/21 00:55:02 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010/09/15 03:33:32 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/08/26 23:32:08 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/08/26 23:32:08 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010/08/26 23:32:08 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/08/26 23:32:08 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2009/11/11 21:46:32 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009/02/12 14:11:24 | 000,022,312 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rsdrv.sys -- (ElRawDisk)
DRV - [2007/06/27 08:05:52 | 000,053,184 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2007/06/27 08:04:14 | 000,071,488 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2006/09/22 20:56:40 | 001,681,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/08/17 07:55:16 | 000,044,544 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/07/27 13:24:28 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/11/02 12:24:42 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/10/28 10:38:18 | 000,402,432 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211BU.sys -- (ZD1211BU(Hawking)
DRV - [2005/07/14 17:58:14 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/05/27 08:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004/10/25 12:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - [2004/10/08 10:59:12 | 000,326,656 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL)
DRV - [2004/05/26 13:53:40 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X)
DRV - [2004/01/07 16:04:00 | 000,339,488 | ---- | M] (Cisco-Linksys, LLC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WUSB20XP.sys -- (PRISM_A02)
DRV - [2003/09/25 21:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2003/01/10 16:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)
DRV - [2002/10/15 21:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
DRV - [2002/07/17 07:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Aspi32.sys -- (ASPI32)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\..\SearchScopes,DefaultScope = {759BB39F-A003-44DD-8EA1-CBB5CB06786E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{47E12407-042F-40B8-A88A-39B781032C47}: "URL" = http://search.aol.co...ionType=msie70a
IE - HKCU\..\SearchScopes\{759BB39F-A003-44DD-8EA1-CBB5CB06786E}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..CT3298566.browser.search.defaultthis.engineName: "true"
FF - prefs.js..CT3306061.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=714647"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://edgefielddaily.com/"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2006.53
FF - prefs.js..extensions.enabledAddons: %7B1122b43d-30ee-403f-9bfa-3cc99b0caddd%7D:10.23.0.822
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - prefs.js..keyword.URL: "http://search.condui...661315&UM=2&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Jerry\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Jerry\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/02 21:12:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/11/04 11:09:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/17 17:43:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/17 17:43:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Jerry\Application Data\Move Networks [2009/12/27 23:37:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/02 21:12:28 | 000,000,000 | ---D | M]

[2009/06/15 15:47:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Extensions
[2013/12/17 19:38:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions
[2013/12/12 13:51:52 | 000,000,000 | ---D | M] (MixiDJ V30) -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{1122b43d-30ee-403f-9bfa-3cc99b0caddd}
[2013/12/17 19:30:09 | 000,000,915 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\searchplugins\yahoo.xml
[2013/11/17 17:43:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/11/17 17:45:02 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/04 11:09:01 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/03/28 01:04:52 | 000,124,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll
[2012/03/28 01:06:54 | 000,071,104 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2012/03/28 01:05:52 | 000,092,096 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2012/03/28 01:05:28 | 000,022,976 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2012/03/28 01:48:16 | 000,489,384 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2012/03/28 01:06:48 | 000,024,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage:
CHR - homepage: http://search.yahoo....r=spigot-yhp-ch
CHR - Extension: No name found = C:\Documents and Settings\Jerry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm\1.0.0.38\
CHR - Extension: No name found = C:\Documents and Settings\Jerry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\

O1 HOSTS File: ([2013/11/19 18:36:58 | 000,000,855 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\f896b87c-5fbd-4b86-a234-d6b1e05ab03b.exe (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\aol\1246745595\ee\aolsoftware.exe (AOL LLC)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [WUSB54GPv4] C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\InvokeSvc3.exe ()
O4 - HKCU..\Run: [MotoCast] C:\Program Files\Motorola Mobility\MotoCast\MotoLauncher.lnk ()
O4 - HKCU..\Run: [replay_telecorder_skype] C:\Program Files\Replay Telecorder for Skype\replay_telecorder_skype.exe (Applian Technologies Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Hawking Wireless Utility.lnk = C:\Program Files\Hawking\HWU8DD\HWU8DD.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} https://wimpro.cce.h...ads/sysinfo.cab (SysData Class)
O16 - DPF: {FC6703A7-5B7E-4f58-BE6D-2693AA3906AE} http://h30299.www3.h...hp.cab?1,0,0,94 (HP Content Update)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DBB19797-4C94-401C-9368-9219D9B431B7}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Jerry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jerry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/19 21:04:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/12/17 17:14:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2013/12/16 18:29:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/12/13 19:37:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Desktop\Jan 2014 ERT
[2013/12/13 18:06:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\Search Protection
[2013/12/10 13:11:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\GreatArcadeHits
[2013/12/10 09:34:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\Connect_DLC_5
[2013/12/10 09:34:10 | 000,000,000 | ---D | C] -- C:\Program Files\Connect_DLC_5
[2013/12/10 09:23:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Desktop\Hard Drive
[2013/11/20 19:04:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Desktop\Lawn Service
[2013/11/19 20:19:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\MixiDJ_V30
[2013/11/19 19:23:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/11/19 19:14:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2013/11/19 17:54:27 | 000,181,064 | ---- | C] (Sysinternals) -- C:\WINDOWS\PSEXESVC.EXE
[2013/11/19 17:48:38 | 000,000,000 | ---D | C] -- C:\RegBackup
[2013/11/19 17:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com
[2013/11/19 17:37:53 | 000,000,000 | ---D | C] -- C:\Program Files\Tweaking.com

========== Files - Modified Within 30 Days ==========

[2013/12/17 20:06:02 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/17 19:57:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/12/17 19:34:51 | 000,000,362 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/12/17 19:33:42 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/17 19:33:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/12/17 17:53:41 | 000,001,108 | RHS- | M] () -- C:\Documents and Settings\Jerry\ntuser.pol
[2013/12/17 17:14:28 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2013/12/15 20:41:01 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\Motorola Device Manager Engine.job
[2013/12/13 19:52:32 | 000,150,016 | ---- | M] () -- C:\Documents and Settings\Jerry\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/12/13 18:11:22 | 000,001,633 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\Replay Video Capture 6.lnk
[2013/12/13 18:09:59 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/12/13 18:06:06 | 000,000,806 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013/12/13 18:06:05 | 000,000,828 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\µTorrent.lnk
[2013/12/13 10:43:16 | 000,341,832 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/12/13 10:38:36 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/12/10 09:34:37 | 000,000,009 | ---- | M] () -- C:\END
[2013/11/26 20:19:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/11/20 17:54:09 | 000,002,359 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Global Mapper 14.lnk
[2013/11/19 18:42:05 | 000,001,051 | ---- | M] () -- C:\temp327.bat
[2013/11/19 18:36:58 | 000,000,855 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/11/19 18:33:14 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/11/19 18:33:14 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/11/19 18:21:49 | 000,485,380 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/11/19 18:21:49 | 000,081,122 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/11/19 17:58:30 | 000,181,064 | ---- | M] (Sysinternals) -- C:\WINDOWS\PSEXESVC.EXE
[2013/11/19 17:40:55 | 000,001,812 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\Tweaking.com - Windows Repair (All in One).lnk

========== Files Created - No Company Name ==========

[2013/12/17 17:14:28 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2013/12/13 18:06:05 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\Jerry\Desktop\µTorrent.lnk
[2013/11/19 18:42:05 | 000,001,051 | ---- | C] () -- C:\temp327.bat
[2013/11/19 17:40:55 | 000,001,812 | ---- | C] () -- C:\Documents and Settings\Jerry\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/11/04 22:37:07 | 000,000,009 | ---- | C] () -- C:\WINDOWS\System32\PROTOCOL.INI
[2013/11/04 20:55:39 | 000,001,108 | RHS- | C] () -- C:\Documents and Settings\Jerry\ntuser.pol
[2013/11/04 11:09:09 | 000,178,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/11/04 11:09:08 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/05/29 23:21:41 | 000,003,734 | ---- | C] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
[2013/02/19 12:52:54 | 000,000,028 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2013/01/05 08:36:26 | 000,015,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2012/10/25 17:07:28 | 003,973,120 | ---- | C] () -- C:\WINDOWS\System32\ffmpeg2.exe
[2012/04/15 22:44:21 | 000,001,008 | ---- | C] () -- C:\WINDOWS\hpomdl35.dat.temp
[2012/02/15 20:32:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/06 22:01:15 | 000,333,450 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/02/06 21:45:22 | 002,596,186 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-854245398-1844823847-682003330-1003-0.dat
[2012/02/06 19:38:25 | 000,000,744 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2011/12/27 20:25:51 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Jerry\Application Data\$_hpcst$.hpc
[2010/10/13 11:44:29 | 000,150,016 | ---- | C] () -- C:\Documents and Settings\Jerry\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/04 18:22:16 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Jerry\Local Settings\Application Data\fusioncache.dat
[2009/11/18 20:23:19 | 000,005,110 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xqkcebzs.dik

========== ZeroAccess Check ==========

[2009/05/19 20:59:51 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012/08/30 15:29:36 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/12/07 06:38:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anvsoft
[2013/01/03 22:06:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applian
[2013/11/04 11:07:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/01/28 09:53:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG January 2013 Campaign
[2013/07/01 15:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
[2013/10/21 17:29:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/11/01 14:33:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2010/10/19 13:21:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/10/20 08:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/12/10 09:34:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Conduit
[2013/11/04 20:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fighters
[2009/11/11 22:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Individual Software
[2013/11/04 21:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IsolatedStorage
[2013/11/04 09:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/05/13 14:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motorola
[2012/09/19 12:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NovaRad
[2012/05/10 20:46:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC1Data
[2012/10/30 21:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2009/10/01 21:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SkyGolf
[2013/06/05 20:38:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/12/17 19:30:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WeCareReminder
[2012/06/25 13:37:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/12/06 19:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wondershare
[2011/11/05 08:36:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Xilisoft
[2010/09/23 21:42:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/16 14:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2013/03/03 14:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Auslogics
[2013/11/04 11:22:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\AVAST Software
[2011/10/05 08:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\AVG
[2013/01/28 13:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\AVG SafeGuard toolbar
[2013/10/21 17:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\AVG2014
[2010/02/25 20:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Bytescout SWF To Video Scout
[2010/01/28 22:29:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/11/04 20:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\defaulttab
[2013/11/05 13:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\GlobalMapper
[2013/11/04 21:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\gtk-2.0
[2010/12/15 07:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\ICAClient
[2012/02/26 12:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\IDTrackerIII
[2009/11/11 22:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Individual Software
[2013/11/04 21:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\IsolatedStorage
[2009/06/08 20:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Leadertech
[2010/12/12 22:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Mobile Action
[2013/10/27 10:42:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\MotoCast
[2012/05/13 14:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Motorola
[2012/06/14 19:35:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Motorola Mobility
[2010/02/14 20:37:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Moyea
[2012/05/10 20:46:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\PCPro
[2011/12/07 06:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Photo DVD Slideshow
[2013/01/03 22:16:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Replay Media Catcher 4
[2012/05/13 12:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Samsung
[2013/12/17 19:30:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Search Protection
[2013/11/04 20:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\SearchProtect
[2009/11/29 20:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Singlesnet
[2009/10/29 19:29:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\SkyGolf
[2010/02/14 22:56:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Smart SWF Converter
[2009/06/27 09:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Snapfish
[2013/10/16 19:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Spotify
[2012/11/01 09:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\TuneUp Software
[2012/05/24 08:02:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\UniTrunker
[2013/12/13 18:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\uTorrent
[2011/11/05 08:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jerry\Application Data\Xilisoft

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\My Recordings:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Landen.dmsd:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\GomPlayer:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\GomEncoder:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Ask and Record Toolbar:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Aiseesoft Studio:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\Desktop\Pictures:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\Desktop\ACC Game:Roxio EMC Stream

< End of report >