Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer slow and here is old timer log [Solved]

Started by The Real Cody , Jan 20 2014 07:35 PM

  • This topic is locked This topic is locked

#1
The Real Cody
Posted 20 January 2014 - 07:35 PM

The Real Cody

    Member

  • Member
  • PipPip
  • 18 posts
Hello, I am experiencing computer problems and slow performance. I want to start by stating I picked up these problems before I installed a virus protection program. I am 17 and have a few friends who also have used my computer in the past for various reasons including watching and listening music and movies of glow gaze. I am sure my friends have done things I can not attest to also. Anyways now my computer is extremely slow and I always get pop up ads and so on. It does not lock up and no blue screen but performance and annoying ads.. Please help me. Thank you. here is my old timer log.

OTL logfile created on: 1/20/2014 5:21:33 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\my computer\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.81 Gb Available Physical Memory | 43.28% Memory free
3.75 Gb Paging File | 2.20 Gb Available in Paging File | 58.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 92.56 Gb Free Space | 62.10% Space Free | Partition Type: NTFS

Computer Name: MYCOMPUTER-PC | User Name: my computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/20 17:20:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\my computer\Downloads\OTL.exe
PRC - [2014/01/15 19:22:26 | 000,097,056 | ---- | M] () -- C:\Program Files\Swift Browse\bin\utilSwiftBrowse.exe
PRC - [2014/01/15 19:19:16 | 000,097,056 | ---- | M] () -- C:\Program Files\Swift Browse\updateSwiftBrowse.exe
PRC - [2014/01/11 07:36:00 | 006,118,400 | ---- | M] (Spotify Ltd) -- C:\Users\my computer\AppData\Roaming\Spotify\spotify.exe
PRC - [2014/01/11 07:35:55 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Users\my computer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/01/11 07:35:55 | 000,603,648 | ---- | M] () -- C:\Users\my computer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
PRC - [2014/01/10 10:17:40 | 002,530,840 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
PRC - [2014/01/10 10:17:40 | 001,772,056 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
PRC - [2014/01/10 10:17:40 | 000,159,768 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
PRC - [2014/01/06 07:36:40 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/01/06 07:36:40 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/01/03 03:48:26 | 000,005,632 | ---- | M] (The Neat Company) -- C:\Program Files\Neat\exec\NeatStartupService.exe
PRC - [2013/12/22 12:55:57 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/12/20 22:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/18 09:37:19 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
PRC - [2013/11/14 00:05:20 | 000,192,512 | ---- | M] (Two Pilots) -- C:\Windows\VPDAgent.exe
PRC - [2013/10/29 17:24:17 | 013,103,104 | ---- | M] (The Weather Channel) -- C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe
PRC - [2013/09/30 20:16:57 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files\Retrogamer_4w\bar\1.bin\4wbarsvc.exe
PRC - [2013/09/30 20:16:57 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files\Retrogamer_4w\bar\1.bin\4wbrmon.exe
PRC - [2013/09/06 09:30:16 | 000,273,296 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
PRC - [2013/08/20 13:57:42 | 000,140,944 | ---- | M] (ShopAtHome.com) -- C:\Users\my computer\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
PRC - [2013/08/20 13:57:40 | 000,179,856 | ---- | M] (ShopAtHome.com) -- C:\Users\my computer\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe
PRC - [2013/08/01 16:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013/05/01 15:00:00 | 000,577,088 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe
PRC - [2013/03/25 07:20:50 | 000,520,360 | ---- | M] (iWin Inc.) -- C:\Program Files\Pogo Games\PGMTrusted.exe
PRC - [2012/11/22 18:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/10/10 01:09:10 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/12/11 23:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) -- C:\Windows\System32\escsvc.exe
PRC - [2011/10/31 13:25:08 | 001,058,400 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2006/12/19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
PRC - [2006/06/10 01:10:57 | 000,351,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE
PRC - [2004/02/11 09:00:00 | 000,118,784 | ---- | M] (WinZip Computing, Inc.) -- C:\Program Files\WinZip\WZQKPICK.EXE


========== Modules (No Company Name) ==========

MOD - [2014/01/11 07:36:00 | 036,967,424 | ---- | M] () -- C:\Users\my computer\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2014/01/11 07:35:55 | 000,603,648 | ---- | M] () -- C:\Users\my computer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
MOD - [2014/01/10 10:17:41 | 000,519,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll
MOD - [2014/01/10 10:17:40 | 002,530,840 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
MOD - [2014/01/06 07:36:41 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/12/22 12:55:57 | 003,559,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/12/19 10:03:25 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\f16e993b7058b005bbf273007fadf95b\UIAutomationTypes.ni.dll
MOD - [2013/12/19 10:03:24 | 000,100,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\3e43caeb09dc44d1b81e74597e46767d\UIAutomationProvider.ni.dll
MOD - [2013/12/19 10:03:22 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\72843576b9bfad66be46d6eb445b76fa\System.Xml.Linq.ni.dll
MOD - [2013/12/19 10:03:11 | 000,162,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Wind74b7bf4b#\c7740bb9c71214a0a936c9912561e3ad\System.Windows.Input.Manipulations.ni.dll
MOD - [2013/12/19 10:02:35 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\72227d58a04b80252053352dead3b9a3\System.ServiceModel.Internals.ni.dll
MOD - [2013/12/19 10:02:29 | 019,537,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\e7aa65750b09ea4b26bd3c9c75f8b94e\System.ServiceModel.ni.dll
MOD - [2013/12/19 03:43:23 | 002,786,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\be5f0f2e208bbb3c647acfbc33434251\System.Runtime.Serialization.ni.dll
MOD - [2013/12/19 03:43:13 | 000,523,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\8e23310ff7df8c34d938861bde0b9b3a\System.Net.Http.ni.dll
MOD - [2013/12/19 03:42:46 | 001,843,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\cb819a0ec67af2f1bee0761a9afdddec\System.Deployment.ni.dll
MOD - [2013/12/19 03:42:02 | 000,121,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\176ea254700896ee68956986b947ea9b\SMDiagnostics.ni.dll
MOD - [2013/12/19 03:41:56 | 000,013,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\9010845c58c17f145b3e39c2d28c4869\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2013/12/19 03:41:55 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\d187afdee972b70222b76bd6aed1f742\PresentationFramework-SystemXml.ni.dll
MOD - [2013/12/19 03:39:30 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\82d58d49946f82eb56bae40f3b097784\System.Xml.ni.dll
MOD - [2013/12/19 03:39:24 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f4fff5d6e716c439b944025d3994170d\System.Xaml.ni.dll
MOD - [2013/12/19 03:39:23 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c5db04fde4893300ff28045ce4f7567d\System.Windows.Forms.ni.dll
MOD - [2013/12/19 03:39:21 | 018,545,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\5e398839c6c34ac39e3c79494554258e\PresentationFramework.ni.dll
MOD - [2013/12/19 03:39:12 | 000,786,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\5b44a8db5b70143f27fb695b5f72930d\System.Runtime.Remoting.ni.dll
MOD - [2013/12/19 03:39:10 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\cceaf9d7891fc325a90473aa9a661661\System.Drawing.ni.dll
MOD - [2013/12/19 03:39:05 | 010,926,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\489734eaabeb7c2b90923a1c0ae9431f\PresentationCore.ni.dll
MOD - [2013/12/19 03:39:02 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\edb27e2c25837f79902054965d6813cd\System.Configuration.ni.dll
MOD - [2013/12/19 03:39:01 | 000,462,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7dd4cd3e4768d2aa55af60c838790088\PresentationFramework.Aero.ni.dll
MOD - [2013/12/19 03:38:59 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\d913e7d0b1d32187e0c234f8a1a581fc\System.Core.ni.dll
MOD - [2013/12/19 03:38:55 | 003,910,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\18e76c3868d682a7c065bccd142eeec1\WindowsBase.ni.dll
MOD - [2013/12/19 03:38:52 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ac79b74f022d9a096de2b884f4249543\System.ni.dll
MOD - [2013/12/19 03:38:44 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\bf2ecabcd96ec8238dc385b0a3ffa084\mscorlib.ni.dll
MOD - [2013/12/18 09:37:18 | 016,242,056 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2006/06/10 01:11:47 | 000,346,904 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2007\MSENCXML.DLL
MOD - [2006/06/10 01:11:47 | 000,228,120 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2007\MSENCDAT.DLL
MOD - [2006/06/10 01:11:46 | 000,260,888 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2007\ERSREGPR.DLL
MOD - [2006/06/10 01:11:46 | 000,178,968 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2007\ENCCONT.DLL
MOD - [2006/06/10 01:10:57 | 000,068,376 | ---- | M] () -- C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICTEIT.EBK


========== Services (SafeList) ==========

SRV - [2014/01/15 19:22:26 | 000,097,056 | ---- | M] () [Auto | Running] -- C:\Program Files\Swift Browse\bin\utilSwiftBrowse.exe -- (Util Swift Browse)
SRV - [2014/01/15 19:19:16 | 000,097,056 | ---- | M] () [Auto | Running] -- C:\Program Files\Swift Browse\updateSwiftBrowse.exe -- (Update Swift Browse)
SRV - [2014/01/10 10:17:40 | 001,772,056 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe -- (vToolbarUpdater17.3.0)
SRV - [2014/01/06 07:36:40 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/01/03 03:48:26 | 000,005,632 | ---- | M] (The Neat Company) [Auto | Running] -- C:\Program Files\Neat\exec\NeatStartupService.exe -- (Neat Startup Service)
SRV - [2013/12/22 12:55:57 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/20 22:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/18 09:37:23 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/26 00:29:52 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013/11/14 00:05:20 | 000,192,512 | ---- | M] (Two Pilots) [Auto | Running] -- C:\Windows\VPDAgent.exe -- (Agent)
SRV - [2013/09/30 20:16:57 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\Retrogamer_4w\bar\1.bin\4wbarsvc.exe -- (Retrogamer_4wService)
SRV - [2013/09/06 09:29:38 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe -- (McComponentHostService)
SRV - [2013/05/26 20:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/01 15:00:00 | 000,577,088 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV - [2013/03/25 07:20:50 | 000,520,360 | ---- | M] (iWin Inc.) [Auto | Running] -- C:\Program Files\Pogo Games\PGMTrusted.exe -- (PGMTrusted)
SRV - [2013/02/18 10:25:29 | 000,307,968 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2011/12/11 23:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\System32\escsvc.exe -- (EpsonScanSvc)
SRV - [2009/07/13 17:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 17:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 17:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2008/02/27 13:15:14 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2006/12/19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)


========== Driver Services (SafeList) ==========

DRV - [2014/01/06 07:37:15 | 000,064,168 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2014/01/06 07:36:41 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/01/06 07:36:41 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/01/06 07:36:41 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/01/06 07:36:41 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/01/06 07:36:41 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/01/06 07:36:41 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/11/30 01:24:10 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012/08/23 06:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 06:41:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012/08/23 06:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 13:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 13:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 13:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 13:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 13:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2008/06/03 06:22:56 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{ef80d754-fb77-4a7f-be75-489beebb20c9}: "URL" = http://search.tb.ask...r={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B4 98 6E BE 02 0E CE 01 [binary data]
IE - HKCU\..\URLSearchHook: {4cff1016-c2e2-4fdd-9c67-e32200c25ff9} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{D8559971-6A9F-467D-9C70-5F5B3A0DD246}: "URL" = http://isearch.shopa...q={searchTerms}
IE - HKCU\..\SearchScopes\{ef80d754-fb77-4a7f-be75-489beebb20c9}: "URL" = http://search.tb.ask...r={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2011.70
FF - prefs.js..extensions.enabledAddons: 008abed2-b43a-46c9-9a5b-a771c87b82da%401ad61d53-2bdc-4484-a26b-b888ecae1906.com:0.93.55
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Retrogamer_4w.com/Plugin: C:\Program Files\Retrogamer_4w\bar\1.bin\NP4wStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4wffxtbr@Retrogamer_4w.com: C:\Program Files\Retrogamer_4w\bar\1.bin [2013/09/30 20:17:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2013/10/25 08:57:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/06 07:36:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013/02/18 10:20:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\my computer\AppData\Roaming\Mozilla\Extensions
[2014/01/09 14:03:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\extensions
[2013/12/22 12:10:46 | 000,000,000 | ---D | M] (Connect DLC 5) -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}
[2013/12/22 12:38:46 | 000,000,000 | ---D | M] ("weDownload Manager Pro") -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com
[2014/01/09 14:03:33 | 000,000,000 | ---D | M] (Retrogamer) -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\extensions\4wffxtbr@Retrogamer_4w.com
[2014/01/17 11:20:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData
[2014/01/17 11:20:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins
[2014/01/17 11:20:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\userCode
[2013/12/15 21:02:01 | 000,001,003 | ---- | M] () -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\searchplugins\conduit.xml
[2013/12/22 12:55:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/12/22 12:55:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/12/22 12:55:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/01/06 07:36:42 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://mysearch.avg....sa&d=2013-11-30 01:26:18&v=17.1.3.1&pid=safeguard&sg=0&sap=hp
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll
CHR - Extension: Google Docs = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_1\
CHR - Extension: Legend of Zelda = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpfijoflofdfenhigagojenaaohhcblp\1.1_0\
CHR - Extension: Retro Arcade = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdiaccnmfdadpaajlapfhcofienimmm\0.1_0\
CHR - Extension: Swift Browse = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgapglgghagmhogfjkdlnnmbdfddeedb\1.0.0_0\
CHR - Extension: weDownload Manager Pro = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\crossrider
CHR - Extension: weDownload Manager Pro = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\
CHR - Extension: weDownload Manager Pro = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\crossrider
CHR - Extension: weDownload Manager Pro = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.26.56_0\
CHR - Extension: Google Wallet = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: GreatArcadeHits = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\0.0.1_1\
CHR - Extension: Gmail = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 13:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Toolbar BHO) - {03123bb6-a811-407e-b323-66cf0be510b1} - C:\Program Files\Retrogamer_4w\bar\1.bin\4wbar.dll (MindSpark)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (Search Assistant BHO) - {d757dbfc-1494-4647-a8b3-abd654988dd8} - C:\Program Files\Retrogamer_4w\bar\1.bin\4wSrcAs.dll (MindSpark)
O3 - HKLM\..\Toolbar: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Retrogamer) - {3392cfec-56f8-41ee-bdb4-4e301efd2c93} - C:\Program Files\Retrogamer_4w\bar\1.bin\4wbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (Retrogamer) - {3392CFEC-56F8-41EE-BDB4-4E301EFD2C93} - C:\Program Files\Retrogamer_4w\bar\1.bin\4wbar.dll (MindSpark)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LTCM Client] C:\Program Files\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Retrogamer Search Scope Monitor] C:\Program Files\Retrogamer_4w\bar\1.bin\4wSrchMn.exe (MindSpark)
O4 - HKLM..\Run: [Retrogamer_4w Browser Plugin Loader] C:\Program Files\Retrogamer_4w\bar\1.bin\4wbrmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [ShopAtHomeUpdater] C:\Users\my computer\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe (ShopAtHome.com)
O4 - HKLM..\Run: [ShopAtHomeWatcher] C:\Users\my computer\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe (ShopAtHome.com)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKCU..\Run: [DW7] C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe (The Weather Channel)
O4 - HKCU..\Run: [L07AXLRD_2686687] C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [Spotify] C:\Users\my computer\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\my computer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} http://archives.game...apWebPlayer.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6B68E26-F099-4262-B054-8EB53BF69CB7}: DhcpNameServer = 172.16.0.1
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 13:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8cd00129-1fe8-11e3-94b1-0019bb4bed7f}\Shell - "" = AutoRun
O33 - MountPoints2\{8cd00129-1fe8-11e3-94b1-0019bb4bed7f}\Shell\AutoRun\command - "" = E:\AutoRun.exe {6CFADEA7-D909-405F-8B40-21DBFBBE0389} 10.2066.1.5B03 PID_0083
O33 - MountPoints2\{9faf9b4e-78d1-11e2-abd5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9faf9b4e-78d1-11e2-abd5-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/19 13:16:40 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/01/15 12:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2014/01/14 12:45:47 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2014/01/14 12:45:45 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2014/01/14 12:45:44 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2014/01/14 12:44:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014/01/14 12:44:44 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2014/01/14 12:44:04 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/01/09 14:16:21 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Roaming\Neat
[2014/01/09 14:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Nuance
[2014/01/09 14:16:17 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Roaming\Nuance
[2014/01/09 14:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2014/01/09 14:08:13 | 000,000,000 | ---D | C] -- C:\Users\my computer\Documents\Neat Data
[2014/01/09 13:57:04 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Local\The Neat Company
[2014/01/09 13:30:08 | 000,192,512 | ---- | C] (Two Pilots) -- C:\Windows\VPDAgent.exe
[2014/01/09 13:30:08 | 000,000,000 | ---D | C] -- C:\Program Files\Send To Neat
[2014/01/09 13:29:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Neat ADF Scanner
[2014/01/09 13:29:24 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Neat Mobile Scanner
[2014/01/09 13:29:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Neat ADF Scanner 2008 Calibration Data
[2014/01/09 13:28:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Neat Mobile Scanner 2008 Calibration Data
[2014/01/09 13:28:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\NeatReceipts
[2014/01/09 13:28:07 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\741
[2014/01/09 13:27:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neat
[2014/01/09 13:26:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intuit
[2014/01/09 13:26:38 | 000,000,000 | ---D | C] -- C:\ProgramData\The Neat Company
[2014/01/09 13:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\Neat
[2014/01/09 13:25:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2014/01/09 13:25:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2014/01/09 13:24:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\The Neat Company
[2014/01/06 07:37:39 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Roaming\AVAST Software
[2014/01/06 07:37:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/01/06 07:36:51 | 000,064,168 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014/01/06 07:36:50 | 000,775,952 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/06 07:36:49 | 000,410,528 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/06 07:36:49 | 000,067,824 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/06 07:36:48 | 000,079,720 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/01/06 07:36:43 | 000,270,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/06 07:36:41 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/06 07:36:15 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/01/06 07:35:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/12/22 12:55:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

========== Files - Modified Within 30 Days ==========

[2014/01/20 17:00:00 | 000,000,498 | ---- | M] () -- C:\Windows\tasks\1-Click Maintenance.job
[2014/01/20 16:52:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/20 16:49:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/20 16:39:07 | 000,002,030 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-chromeinstaller.job
[2014/01/20 16:38:51 | 000,002,306 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-firefoxinstaller.job
[2014/01/20 16:38:51 | 000,001,410 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-updater.job
[2014/01/20 16:38:51 | 000,001,212 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-enabler.job
[2014/01/20 16:38:51 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/20 16:38:50 | 000,001,312 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-codedownloader.job
[2014/01/20 16:38:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/19 13:25:44 | 000,021,280 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/19 13:25:44 | 000,021,280 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/19 13:16:34 | 1508,634,624 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/19 13:16:31 | 144,264,935 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/01/17 10:37:18 | 000,661,656 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/17 10:37:18 | 000,121,524 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/16 11:47:13 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/16 03:21:19 | 000,437,904 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/01/15 14:26:03 | 000,656,402 | ---- | M] () -- C:\Users\my computer\Documents\img005.pdf
[2014/01/15 12:46:57 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2014/01/15 12:46:57 | 000,002,012 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/01/15 11:58:56 | 000,336,661 | ---- | M] () -- C:\Users\my computer\Documents\img004.jpg
[2014/01/15 11:53:43 | 026,850,922 | ---- | M] () -- C:\Users\my computer\Documents\img003.bmp
[2014/01/15 11:50:53 | 000,293,248 | ---- | M] () -- C:\Users\my computer\Documents\img002.pdf
[2014/01/14 12:45:13 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/01/09 13:30:13 | 000,001,814 | ---- | M] () -- C:\Users\Public\Desktop\Neat.lnk
[2014/01/06 07:37:20 | 000,002,119 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/06 07:37:15 | 000,064,168 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014/01/06 07:36:41 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/06 07:36:41 | 000,410,528 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/06 07:36:41 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/06 07:36:41 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/06 07:36:41 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/01/06 07:36:41 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/06 07:36:41 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/01/06 07:36:41 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr

========== Files Created - No Company Name ==========

[2014/01/19 13:16:31 | 144,264,935 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/01/15 14:24:50 | 000,656,402 | ---- | C] () -- C:\Users\my computer\Documents\img005.pdf
[2014/01/15 11:58:55 | 000,336,661 | ---- | C] () -- C:\Users\my computer\Documents\img004.jpg
[2014/01/15 11:53:48 | 026,850,922 | ---- | C] () -- C:\Users\my computer\Documents\img003.bmp
[2014/01/15 11:50:52 | 000,293,248 | ---- | C] () -- C:\Users\my computer\Documents\img002.pdf
[2014/01/14 12:45:45 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2014/01/14 12:45:45 | 000,002,012 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/01/14 12:45:13 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/01/14 12:45:13 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/01/09 13:30:13 | 000,001,814 | ---- | C] () -- C:\Users\Public\Desktop\Neat.lnk
[2014/01/09 13:30:00 | 000,048,640 | ---- | C] () -- C:\Windows\System32\sdtnpm.dll
[2014/01/06 07:37:20 | 000,002,119 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/06 07:36:50 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/06 07:36:49 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/07/14 16:47:32 | 000,000,106 | ---- | C] () -- C:\Windows\XP200.ini
[2013/02/18 10:54:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2009/07/13 20:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 17:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 17:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014/01/06 07:37:39 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\AVAST Software
[2014/01/15 11:48:59 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\Epson
[2013/07/16 13:11:53 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\Leader Technologies
[2013/07/14 18:48:01 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\Leadertech
[2014/01/09 14:16:21 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\Neat
[2014/01/09 14:16:17 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\Nuance
[2013/12/18 09:05:42 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\SearchProtect
[2014/01/09 13:36:38 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\ShopAtHome
[2014/01/20 17:08:33 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\Spotify
[2013/02/18 10:25:29 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\TuneUp Software

========== Purity Check ==========



< End of report >
  • 0

Advertisements

#2
Biscuithd
Posted 20 January 2014 - 07:56 PM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Hello The Reak Cody and Posted Image:

My name is Biscuithd and I am going to be helping you with your malware removal. Please note that, I am currently still in training, so all of my posts have to be reviewed by my instructor prior to me posting them.

Before we continue, please note,

  • If you do not understand any of my instructions, then feel free to ask me and I will explain in further detail.
  • Some of my instructions might need to be carried out in safe mode (or be lengthy), where you will not have access to GeeksToGo, I suggest you save or print my instructions for later reference.
  • Please do NOT use any other tools, fixes or scripts unless instructed to do so. Not only could this damage your system, but it will make it harder to fix your issue.
  • Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.
  • If I have not responded in three (3) days, feel free to PM me.
There should be another log called Extras.txt that was produced from your initial run of OTL. It will be located in the same place as where you ran OTL from, in this case on your Desktop. Please post that log. :)
  • 0

#3
The Real Cody
Posted 20 January 2014 - 08:00 PM

The Real Cody

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Thank you. here is the extras text.
OTL Extras logfile created on: 1/20/2014 5:21:33 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\my computer\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.81 Gb Available Physical Memory | 43.28% Memory free
3.75 Gb Paging File | 2.20 Gb Available in Paging File | 58.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 92.56 Gb Free Space | 62.10% Space Free | Partition Type: NTFS

Computer Name: MYCOMPUTER-PC | User Name: my computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{68014176-FFDF-4FA6-9F0B-BB057FF16D91}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{110584AF-5ADA-450C-9448-AB967B298A19}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{11D257F2-DAE7-46FE-947C-45CFF14C6D4B}" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"{146F09C0-739E-4897-9D44-1AC4ECE314A5}" = protocol=6 | dir=in | app=c:\program files\epson software\ecprintersetup\enpapp.exe |
"{1B1A3575-59D2-4520-849E-BE7A33C7B62D}" = protocol=17 | dir=in | app=c:\program files\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{3F28ED05-91B3-4542-B859-4E6C302FB590}" = protocol=6 | dir=in | app=c:\program files\pogo games\webupdater.exe |
"{4D1041A8-9425-4F94-A415-41A324E2A786}" = protocol=17 | dir=in | app=d:\common\epsonnet setup\eneasyapp.exe |
"{62A2C4B2-7861-41BC-86EB-2CF105EC3943}" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"{6E03C967-31F0-47EE-8524-654953454B10}" = protocol=6 | dir=in | app=c:\program files\pogo games\pogodgc.exe |
"{7B531727-F3BF-443D-9AD9-68754821B77E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{8DB5920B-83C4-41FB-9503-73A2E217417C}" = protocol=6 | dir=in | app=c:\program files\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{90E3B6F4-7E39-44EC-873B-832B570A1778}" = protocol=17 | dir=in | app=c:\program files\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{A84263FF-61C6-45CD-B5C8-1CDF10A9907B}" = protocol=6 | dir=in | app=d:\common\epsonnet setup\eneasyapp.exe |
"{ACF351D4-3C70-4038-9384-AD4D41B3FC64}" = protocol=6 | dir=in | app=c:\program files\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{AD908F9B-38D5-4F60-AE2A-6E889351E0D3}" = protocol=17 | dir=in | app=c:\program files\pogo games\pogodgc.exe |
"{ADE3B2A3-CDCF-4AE9-BA94-D663F6D323C2}" = protocol=17 | dir=in | app=c:\program files\epson software\ecprintersetup\enpapp.exe |
"{BC26407A-4104-4620-8C4C-CFB10548CC13}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D9443E91-1720-4141-BD63-CA361151C88C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{E28E9C99-4E12-4F49-8DE0-F9093C7ED342}" = protocol=17 | dir=in | app=c:\program files\pogo games\webupdater.exe |
"TCP Query User{03ABB02A-51B2-4033-A19E-5D6E7327139A}C:\program files\gametap web player\bin\release\gametapplayer.exe" = protocol=6 | dir=in | app=c:\program files\gametap web player\bin\release\gametapplayer.exe |
"TCP Query User{A0459951-7A1A-473E-9F7A-8E544215B313}C:\users\my computer\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\my computer\appdata\roaming\spotify\spotify.exe |
"TCP Query User{B068EE8C-76E7-4E33-997F-5551797D0516}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{4827A536-BE2C-4175-8C77-6EB0880CF2B0}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{9B11502E-217B-47DF-B15E-A07752AA438C}C:\program files\gametap web player\bin\release\gametapplayer.exe" = protocol=17 | dir=in | app=c:\program files\gametap web player\bin\release\gametapplayer.exe |
"UDP Query User{E34898D0-C7AA-4B30-AECF-6811AD39A44F}C:\users\my computer\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\my computer\appdata\roaming\spotify\spotify.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07041881-E9B4-4DF6-A845-CAAFD093E477}" = Microsoft Student with Encarta Premium 2007
"{07043840-959A-4B0D-8825-2C533F0DDB19}" = Microsoft Math
"{11A53AF3-CAA5-4C29-887E-CCA7CEE2689B}" = Neat Mobile Scanner Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2D7D9D86-923A-41A8-919F-437332AB1033}" = Nero 7 Ultra Edition
"{30DF5C05-E6F2-4188-8481-CBE10E9D4906}" = NeatConnect Scanner Driver
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{57F5920A-9897-4830-BD4A-BE85DA9734FF}" = Neat Mobile Scanner 2008 Driver
"{58155B30-6BE9-4268-A059-149629149C63}" = Neat ADF Scanner Driver
"{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008
"{64BA551C-9AF6-495C-93F3-D1270E0045FC}" = Epson Connect
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{695C8469-7822-4B31-A673-5ED84815B649}" = Epson E-Web Print
"{6EDB3FC5-8B7C-422A-B4FB-1D919F44F2C0}" = Neat Mobile Scanner (Silver) Driver
"{814FA673-A085-403C-9545-747FC1495069}" = Epson Customer Participation
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{99432E4C-1189-4887-9D75-DAA796015FFD}" = Neat Core Files
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5
"{A3B308B9-BE96-4334-816F-3D82B19A7DE2}" = Software Updater
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4A42670-82B9-4A58-8955-20271DBBF29F}" = Neat ADF Scanner 2008 Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
"{B348E585-E872-41DF-8234-E2D49917CFBB}" = Learning Essentials for Microsoft Office
"{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}" = EPSON Printer Finder
"{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}" = Epson Event Manager
"{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}" = Epson Connect Printer Setup
"{F9C52512-F5AB-4CA8-8E35-6396797DD72A}" = Send To Neat
"{Microsoft Student 2007_54A0E938-8390-489F-8F1A-563673334DFE}" = Microsoft Student 2007 for Learning Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Are You Smarter Than A 5th Grader: Make The Grade" = Are You Smarter Than A 5th Grader: Make The Grade
"Avast" = avast! Free Antivirus
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"EPSON XP-200 Series" = EPSON XP-200 Series Printer Uninstall
"Google Chrome" = Google Chrome
"LTCM Client" = LTCM Client
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Neat" = Neat
"PogoDGC" = Pogo Games
"Retrogamer_4wbar Uninstall Firefox" = Retrogamer Firefox Toolbar
"Retrogamer_4wbar Uninstall Internet Explorer" = Retrogamer Internet Explorer Toolbar
"Swift Browse" = Swift Browse 2013.11.07.203600
"The Weather Channel App" = The Weather Channel App
"weDownload Manager Pro" = weDownload Manager Pro
"WinZip" = WinZip

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/11/2014 1:15:45 PM | Computer Name = mycomputer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\EPSON Software\Download
Navigator\EPSDNLMW64.EXE". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 1/13/2014 12:01:50 AM | Computer Name = mycomputer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\EPSON Software\Download
Navigator\EPSDNLMW64.EXE". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 1/14/2014 4:30:20 AM | Computer Name = mycomputer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\EPSON Software\Download
Navigator\EPSDNLMW64.EXE". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 1/14/2014 4:57:37 PM | Computer Name = mycomputer-PC | Source = Application Error | ID = 1000
Description = Faulting application name: EDICT.EXE, version: 16.0.4023.606, time
stamp: 0x4486594a Faulting module name: ieframe.dll, version: 11.0.9600.16476, time
stamp: 0x52944cf2 Exception code: 0xc0000005 Fault offset: 0x00025f1b Faulting process
id: 0xd48 Faulting application start time: 0x01cf116b35a2bdc5 Faulting application
path: C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium
2007 DVD\EDICT.EXE Faulting module path: C:\Windows\System32\ieframe.dll Report Id:
7f449507-7d5e-11e3-83ed-0019bb4bed7f

Error - 1/14/2014 4:58:28 PM | Computer Name = mycomputer-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/15/2014 4:22:03 PM | Computer Name = mycomputer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\EPSON Software\Download
Navigator\EPSDNLMW64.EXE". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 1/16/2014 7:22:10 AM | Computer Name = mycomputer-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/16/2014 7:39:23 AM | Computer Name = mycomputer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\EPSON Software\Download
Navigator\EPSDNLMW64.EXE". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 1/19/2014 5:18:16 PM | Computer Name = mycomputer-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/19/2014 5:49:24 PM | Computer Name = mycomputer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\EPSON Software\Download
Navigator\EPSDNLMW64.EXE". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ System Events ]
Error - 12/28/2013 10:16:37 PM | Computer Name = mycomputer-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.

Error - 12/29/2013 3:33:42 PM | Computer Name = mycomputer-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Netman service.

Error - 1/2/2014 11:12:23 AM | Computer Name = mycomputer-PC | Source = Service Control Manager | ID = 7023
Description = The TuneUp Theme Extension service terminated with the following error:
%%127

Error - 1/9/2014 5:37:09 PM | Computer Name = mycomputer-PC | Source = Service Control Manager | ID = 7023
Description = The TuneUp Theme Extension service terminated with the following error:
%%127

Error - 1/11/2014 11:24:32 AM | Computer Name = mycomputer-PC | Source = Service Control Manager | ID = 7023
Description = The TuneUp Theme Extension service terminated with the following error:
%%127

Error - 1/14/2014 4:56:41 PM | Computer Name = mycomputer-PC | Source = Service Control Manager | ID = 7023
Description = The TuneUp Theme Extension service terminated with the following error:
%%127

Error - 1/16/2014 7:20:55 AM | Computer Name = mycomputer-PC | Source = Service Control Manager | ID = 7023
Description = The TuneUp Theme Extension service terminated with the following error:
%%127

Error - 1/19/2014 5:16:40 PM | Computer Name = mycomputer-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 1:13:25 PM on ?1/?19/?2014 was unexpected.

Error - 1/19/2014 5:16:47 PM | Computer Name = MYCOMPUTER-PC | Source = BugCheck | ID = 1001
Description =

Error - 1/19/2014 5:16:41 PM | Computer Name = mycomputer-PC | Source = Service Control Manager | ID = 7023
Description = The TuneUp Theme Extension service terminated with the following error:
%%127


< End of report >
  • 0

#4
Biscuithd
Posted 20 January 2014 - 08:03 PM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
You're welcome! I'll be back with you as soon as I get your logs analyzed and a fix created.:thumbsup:
  • 0

#5
Biscuithd
Posted 22 January 2014 - 11:36 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Hello The Real Cody

Please perform the folloing instructions.

Uninstall Software

  • Click on the Start Posted Image button and select Control Panel
  • Click on Programs then click on Uninstall a program or Programs and Features
  • You will now see a list of your installed software, double click on the following one by one to uninstall them:Pogo Games
    Retrogamer Firefox Toolbar
    Retrogamer Internet Explorer Toolbar
    Swift Browse 2013.11.07.203600
weDownload Manager ProOnce you have done this, reboot your computer

OTL Fix


  • Run OTL as you did before.
  • Copy the text in the quote box below (do not copy the word "quote") and paste in the in the box marked Custom Scans/Fixes as shown in the graphic below.

Posted Image

:Commands
[createrestorepoint]

:OTL
SRV - [2014/01/15 19:22:26 | 000,097,056 | ---- | M] () [Auto | Running] -- C:\Program Files\Swift Browse\bin\utilSwiftBrowse.exe -- (Util Swift Browse)
SRV - [2014/01/15 19:19:16 | 000,097,056 | ---- | M] () [Auto | Running] -- C:\Program Files\Swift Browse\updateSwiftBrowse.exe -- (Update Swift Browse)
SRV - [2013/09/30 20:16:57 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\Retrogamer_4w\bar\1.bin\4wbarsvc.exe -- (Retrogamer_4wService)
SRV - [2013/03/25 07:20:50 | 000,520,360 | ---- | M] (iWin Inc.) [Auto | Running] -- C:\Program Files\Pogo Games\PGMTrusted.exe -- (PGMTrusted)
FF - HKLM\Software\MozillaPlugins\@Retrogamer_4w.com/Plugin: C:\Program Files\Retrogamer_4w\bar\1.bin\NP4wStub.dll (MindSpark)
O2 - BHO: (Toolbar BHO) - {03123bb6-a811-407e-b323-66cf0be510b1} - C:\Program Files\Retrogamer_4w\bar\1.bin\4wbar.dll (MindSpark)
O2 - BHO: (Search Assistant BHO) - {d757dbfc-1494-4647-a8b3-abd654988dd8} - C:\Program Files\Retrogamer_4w\bar\1.bin\4wSrcAs.dll (MindSpark)
O3 - HKLM\..\Toolbar: (Retrogamer) - {3392cfec-56f8-41ee-bdb4-4e301efd2c93} - C:\Program Files\Retrogamer_4w\bar\1.bin\4wbar.dll (MindSpark)
O4 - HKLM..\Run: [Retrogamer Search Scope Monitor] C:\Program Files\Retrogamer_4w\bar\1.bin\4wSrchMn.exe (MindSpark)
O4 - HKLM..\Run: [Retrogamer_4w Browser Plugin Loader] C:\Program Files\Retrogamer_4w\bar\1.bin\4wbrmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [ShopAtHomeUpdater] C:\Users\my computer\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe (ShopAtHome.com)
O4 - HKLM..\Run: [ShopAtHomeWatcher] C:\Users\my computer\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe (ShopAtHome.com)
[2014/01/09 13:36:38 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\ShopAtHome
[2013/12/15 21:02:01 | 000,001,003 | ---- | M] () -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\searchplugins\conduit.xml
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O13 - gopher Prefix: missing
O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} http://archives.game...apWebPlayer.cab (Reg Error: Key error.)
[2014/01/20 17:00:00 | 000,000,498 | ---- | M] () -- C:\Windows\tasks\1-Click Maintenance.job
[2014/01/20 16:39:07 | 000,002,030 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-chromeinstaller.job
[2014/01/20 16:38:51 | 000,002,306 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-firefoxinstaller.job
[2014/01/20 16:38:51 | 000,001,410 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-updater.job
[2014/01/20 16:38:51 | 000,001,212 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-enabler.job
[2014/01/20 16:38:50 | 000,001,312 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-codedownloader.job
[2013/12/18 09:05:42 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\SearchProtect
[2013/02/18 10:25:29 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\TuneUp Software

:files
C:\Program Files\Swift
C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb

:Commands
[emptytemp]
[resethosts]


Then press the Run Fix button

Your computer will reboot. If it does not, please manually reboot.

Re-Run OTL

Run OTL again and click Quick Scan.

Copy and paste the contents of the log that it produces into your next post back to me.

Run AdwCleaner

Please download AdwCleaner onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner.txt as well.
Make sure you post the OTL log (just one file for this run) and the ADW log. Also, let me know how the fixes went and how the machine is working now.
  • 0

#6
Dakeyras
Posted 27 January 2014 - 05:23 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#7
Dakeyras
Posted 29 January 2014 - 03:58 PM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Topic re-opened per OP's request...
  • 0

#8
The Real Cody
Posted 29 January 2014 - 04:22 PM

The Real Cody

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Sorry for the slow reply..
The computer is running a bit faster and no pop up adds!:) Here are the logs you requested.
All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Error: No service named Util Swift Browse was found to stop!
Service\Driver key Util Swift Browse not found.
File C:\Program Files\Swift Browse\bin\utilSwiftBrowse.exe not found.
Error: No service named Update Swift Browse was found to stop!
Service\Driver key Update Swift Browse not found.
File C:\Program Files\Swift Browse\updateSwiftBrowse.exe not found.
Error: No service named Retrogamer_4wService was found to stop!
Service\Driver key Retrogamer_4wService not found.
File C:\Program Files\Retrogamer_4w\bar\1.bin\4wbarsvc.exe not found.
Error: No service named PGMTrusted was found to stop!
Service\Driver key PGMTrusted not found.
File C:\Program Files\Pogo Games\PGMTrusted.exe not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Retrogamer_4w.com/Plugin\ not found.
File C:\Program Files\Retrogamer_4w\bar\1.bin\NP4wStub.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03123bb6-a811-407e-b323-66cf0be510b1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03123bb6-a811-407e-b323-66cf0be510b1}\ not found.
File C:\Program Files\Retrogamer_4w\bar\1.bin\4wbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d757dbfc-1494-4647-a8b3-abd654988dd8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d757dbfc-1494-4647-a8b3-abd654988dd8}\ not found.
File C:\Program Files\Retrogamer_4w\bar\1.bin\4wSrcAs.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3392cfec-56f8-41ee-bdb4-4e301efd2c93} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3392cfec-56f8-41ee-bdb4-4e301efd2c93}\ not found.
File C:\Program Files\Retrogamer_4w\bar\1.bin\4wbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Retrogamer Search Scope Monitor not found.
File C:\Program Files\Retrogamer_4w\bar\1.bin\4wSrchMn.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Retrogamer_4w Browser Plugin Loader not found.
File C:\Program Files\Retrogamer_4w\bar\1.bin\4wbrmon.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ShopAtHomeUpdater deleted successfully.
C:\Users\my computer\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ShopAtHomeWatcher deleted successfully.
C:\Users\my computer\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe moved successfully.
C:\Users\my computer\AppData\Roaming\ShopAtHome\ShopAtHomeHelper folder moved successfully.
C:\Users\my computer\AppData\Roaming\ShopAtHome folder moved successfully.
C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\searchplugins\conduit.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {4F29DE54-5EB7-4D76-B610-A86B5CD2A234}
C:\Windows\Downloaded Program Files\GameTapWebPlayer_4_4_0_7.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4F29DE54-5EB7-4D76-B610-A86B5CD2A234}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F29DE54-5EB7-4D76-B610-A86B5CD2A234}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F29DE54-5EB7-4D76-B610-A86B5CD2A234}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F29DE54-5EB7-4D76-B610-A86B5CD2A234}\ not found.
C:\Windows\Tasks\1-Click Maintenance.job moved successfully.
File C:\Windows\tasks\weDownload Manager Pro-chromeinstaller.job not found.
File C:\Windows\tasks\weDownload Manager Pro-firefoxinstaller.job not found.
File C:\Windows\tasks\weDownload Manager Pro-updater.job not found.
File C:\Windows\tasks\weDownload Manager Pro-enabler.job not found.
File C:\Windows\tasks\weDownload Manager Pro-codedownloader.job not found.
C:\Users\my computer\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\ffprotect\Dialogs folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\ffprotect folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\Dialogs\spsd\images folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\Dialogs\spsd folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\Dialogs\spbd\images folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\Dialogs\spbd folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\Dialogs folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\bin folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect folder moved successfully.
C:\Users\my computer\AppData\Roaming\TuneUp Software\TuneUp Utilities\Backups folder moved successfully.
C:\Users\my computer\AppData\Roaming\TuneUp Software\TuneUp Utilities folder moved successfully.
C:\Users\my computer\AppData\Roaming\TuneUp Software folder moved successfully.
========== FILES ==========
File\Folder C:\Program Files\Swift not found.
File\Folder C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Desktop

User: hedev
->Temp folder emptied: 43164427 bytes

User: my computer
->Temp folder emptied: 5004486 bytes
->Temporary Internet Files folder emptied: 481027058 bytes
->FireFox cache emptied: 33269944 bytes
->Google Chrome cache emptied: 27310247 bytes
->Flash cache emptied: 22672 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 115563715 bytes
RecycleBin emptied: 39533930 bytes

Total Files Cleaned = 710.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 01292014_131455

Files\Folders moved on Reboot...
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\8%26_de%3D897%26_dc%3D3238%26ld_%3D3239%26ty%3D2%26rc%3D0%26hob%3D10%26hoe%3D10%26ld%3D3267%26t%3D1379033483039%26ctb%3D1%26csmtags%3Diss-on-time%7Cnonredirect_3268[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[2].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[3].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[4].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[5].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=511;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=511;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[2].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=511;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[3].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=511;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[4].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\c3%3DjQueryActive%26pc3%3D406%26ld3%3D406%26t3%3D1379033102256%26sc4%3Due_frst%26bb4%3D409%26pc4%3D410%26ld4%3D410%26t4%3D1379033102260%26csmtags%3Diss-on-time_1367[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\c3%3DjQueryActive%26pc3%3D455%26ld3%3D455%26t3%3D1379033060036%26sc4%3Due_frst%26bb4%3D461%26pc4%3D462%26ld4%3D462%26t4%3D1379033060043%26csmtags%3Diss-on-time_1307[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\data=s__mn_search_uedata_180-1764057-6580624_ul&v=27&id=F8A753F75D194A1E9E54&ctb=1&m=1&sc=F8A753F75D194A1E9E54&pc=16757&hob=10&hoe=10&ul=16757&t=1379033463306_16757[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\ecs_B001OBU3TM@ref=pd_cart_recs1,B004T7IBZG@ref=pd_cart_recs2,B00DE5LZDY@ref=pd_cart_recs3,B004VEO19W@ref=pd_cart_recs4,B006BTZHZ2@ref=pd_cart_recs5_action=view,p=1[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=105;z=100;z=383;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=100;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=131;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=383;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\_%3D-39%26de_%3D401%26_de%3D423%26_dc%3D424%26ld_%3D427%26ty%3D0%26rc%3D0%26hob%3D10%26hoe%3D10%26ld%3D430%26t%3D1379033178358%26ctb%3D1%26csmtags%3Dnonredirect_431[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\_uedata_180-1764057-6580624_ul&v=27&id=44DD3727C75745F996FA&ctb=1&m=1&sc=44DD3727C75745F996FA&pc=2264&hob=11&hoe=11&ul=2265&t=1379033042279&csmtags=iss-on-time_2265[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\-42%26de_%3D902%26_de%3D922%26_dc%3D1546%26ld_%3D1548%26ty%3D2%26rc%3D0%26hob%3D11%26hoe%3D11%26ld%3D1560%26t%3D1379033531664%26ctb%3D1%26csmtags%3Dnonredirect_1561[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\59%26pc0%3D1013%26ld0%3D1013%26t0%3D1379033169988%26sc1%3DDAala1%26bb1%3D530%26af1%3D779%26be1%3D801%26cf1%3D906%26pc1%3D1425%26ld1%3D1425%26t1%3D1379033170400_1426[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\966%26t3%3D1379033216621%26sc4%3DDAala1%26bb4%3D232%26af4%3D676%26be4%3D707%26cf4%3D834%26pc4%3D1397%26ld4%3D1397%26t4%3D1379033217052%26csmtags%3Diss-on-time_1398[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[2].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[3].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[4].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[5].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[6].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[7].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[8].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=105;z=100;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=105;z=100;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[2].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=105;z=100;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[3].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=511;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\arch_uedata_180-1764057-6580624_ul&v=27&id=F8A753F75D194A1E9E54&ctb=1&bft=1&bfnt=1&m=1&sc=F8A753F75D194A1E9E54&pc=30777&hob=10&hoe=10&ul=30777&t=1379033510549_30778[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\c3%3DjQueryActive%26pc3%3D368%26ld3%3D368%26t3%3D1379033407249%26sc4%3Due_frst%26bb4%3D372%26pc4%3D373%26ld4%3D373%26t4%3D1379033407254%26csmtags%3Diss-on-time_1070[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\c3%3DjQueryActive%26pc3%3D375%26ld3%3D375%26t3%3D1379033178303%26sc4%3Due_frst%26bb4%3D378%26pc4%3D378%26ld4%3D378%26t4%3D1379033178306%26csmtags%3Diss-on-time_1302[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\sim_a_2,B003SHL5LK@ref=pd_sim_a_3,B002PAA84Q@ref=pd_sim_a_4,B002V44LTY@ref=pd_sim_a_5,B0035X8L96@ref=pd_sim_a_6,B00DTXG5CW@ref=pd_sim_a_7_action=view,p=1,numsims=64[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\_%3D-20%26de_%3D902%26_de%3D917%26_dc%3D918%26ld_%3D922%26ty%3D0%26rc%3D0%26hob%3D11%26hoe%3D11%26ld%3D940%26t%3D1379033040954%26ctb%3D1%26csmtags%3Dnonredirect_940[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\_search_uedata_180-1764057-6580624_ul&v=27&id=F8A753F75D194A1E9E54&ctb=1&bft=1&bfnt=1&m=1&sc=F8A753F75D194A1E9E54&pc=5743&hob=10&hoe=10&ul=5743&t=1379033587902_5744[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\%26t3%3D1379033447530%26sc4%3DDAala1%26bb4%3D1080%26af4%3D1678%26be4%3D1731%26cf4%3D1998%26pc4%3D2594%26ld4%3D2594%26t4%3D1379033449143%26csmtags%3Diss-on-time_2594[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\3%26_de%3D952%26_dc%3D2832%26ld_%3D2834%26ty%3D2%26rc%3D0%26hob%3D10%26hoe%3D10%26ld%3D2851%26t%3D1379033585010%26ctb%3D1%26csmtags%3Diss-on-time%7Cnonredirect_2851[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\5%26de_%3D1454%26_de%3D1475%26_dc%3D1475%26ld_%3D1480%26ty%3D0%26rc%3D0%26hob%3D10%26hoe%3D10%26ld%3D1493%26t%3D1379033448042%26ctb%3D1%26csmtags%3Dnonredirect_1494[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\5%26pc3%3D1355%26ld3%3D1355%26t3%3D1379033583514%26sc4%3DDAala1%26bb4%3D516%26af4%3D863%26be4%3D929%26cf4%3D1096%26pc4%3D2914%26ld4%3D2914%26t4%3D1379033585073_2914[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\7%26pc3%3D1634%26ld3%3D1634%26t3%3D1379033481406%26sc4%3DDAala1%26bb4%3D540%26af4%3D680%26be4%3D715%26cf4%3D1037%26pc4%3D3294%26ld4%3D3294%26t4%3D1379033483066_3294[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[2].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=105;z=100;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=105;z=100;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[2].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=511;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\data=s__mn_search_uedata_180-1764057-6580624_ul&v=27&id=D0B2FC083A214956A93E&ctb=1&m=1&sc=D0B2FC083A214956A93E&pc=18186&hob=10&hoe=10&ul=18186&t=1379033196114_18186[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\h_uedata_180-1764057-6580624_ul&v=27&id=D0B2FC083A214956A93E&ctb=1&bft=1&bfnt=1&m=1&sc=D0B2FC083A214956A93E&pc=177636&hob=10&hoe=10&ul=177636&t=1379033393291_177637[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\i_%3D-8%26de_%3D322%26_de%3D322%26_dc%3D322%26ld_%3D325%26ty%3D2%26rc%3D0%26hob%3D10%26hoe%3D10%26ld%3D327%26t%3D1379033407208%26ctb%3D1%26csmtags%3Dnonredirect_328[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\pc0%3D1991%26ld0%3D1991%26t0%3D1379033142624%26sc1%3DDAala1%26bb1%3D1342%26af1%3D1472%26be1%3D1494%26cf1%3D1668%26pc1%3D1992%26ld1%3D1992%26t1%3D1379033142625_1992[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\18%26pc0%3D1104%26ld0%3D1104%26t0%3D1379033138532%26sc1%3DDAala1%26bb1%3D471%26af1%3D777%26be1%3D797%26cf1%3D918%26pc1%3D1423%26ld1%3D1423%26t1%3D1379033138851_1423[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\298%26t3%3D1379033531402%26sc4%3DDAala1%26bb4%3D551%26af4%3D865%26be4%3D898%26cf4%3D1056%26pc4%3D1594%26ld4%3D1594%26t4%3D1379033531698%26csmtags%3Diss-on-time_1594[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[2].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[3].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[4].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[5].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=105;z=100;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=105;z=100;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[2].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=105;z=100;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[3].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=511;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=511;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[2].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\arch_uedata_180-1764057-6580624_ul&v=27&id=F8A753F75D194A1E9E54&ctb=1&bft=1&bfnt=1&m=1&sc=F8A753F75D194A1E9E54&pc=13130&hob=11&hoe=11&ul=13130&t=1379033543234_13130[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\sim_a_2,B003SHL5LK@ref=pd_sim_a_3,B002PAA84Q@ref=pd_sim_a_4,B002V44LTY@ref=pd_sim_a_5,B0035X8L96@ref=pd_sim_a_6,B00DTXG5CW@ref=pd_sim_a_7_action=view,p=1,numsims=64[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\_%3D-13%26de_%3D379%26_de%3D379%26_dc%3D379%26ld_%3D383%26ty%3D2%26rc%3D0%26hob%3D10%26hoe%3D11%26ld%3D389%26t%3D1379033102239%26ctb%3D1%26csmtags%3Dnonredirect_390[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\_%3D-20%26de_%3D383%26_de%3D383%26_dc%3D384%26ld_%3D385%26ty%3D2%26rc%3D0%26hob%3D10%26hoe%3D10%26ld%3D393%26t%3D1379033059974%26ctb%3D1%26csmtags%3Dnonredirect_394[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\_%3D-25%26de_%3D338%26_de%3D354%26_dc%3D354%26ld_%3D357%26ty%3D2%26rc%3D0%26hob%3D10%26hoe%3D10%26ld%3D363%26t%3D1379033216018%26ctb%3D1%26csmtags%3Dnonredirect_363[1].gif not found!
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\avg_secure_search.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Error: No service named Util Swift Browse was found to stop!
Service\Driver key Util Swift Browse not found.
File C:\Program Files\Swift Browse\bin\utilSwiftBrowse.exe not found.
Error: No service named Update Swift Browse was found to stop!
Service\Driver key Update Swift Browse not found.
File C:\Program Files\Swift Browse\updateSwiftBrowse.exe not found.
Error: No service named Retrogamer_4wService was found to stop!
Service\Driver key Retrogamer_4wService not found.
File C:\Program Files\Retrogamer_4w\bar\1.bin\4wbarsvc.exe not found.
Error: No service named PGMTrusted was found to stop!
Service\Driver key PGMTrusted not found.
File C:\Program Files\Pogo Games\PGMTrusted.exe not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Retrogamer_4w.com/Plugin\ not found.
File C:\Program Files\Retrogamer_4w\bar\1.bin\NP4wStub.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03123bb6-a811-407e-b323-66cf0be510b1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03123bb6-a811-407e-b323-66cf0be510b1}\ not found.
File C:\Program Files\Retrogamer_4w\bar\1.bin\4wbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d757dbfc-1494-4647-a8b3-abd654988dd8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d757dbfc-1494-4647-a8b3-abd654988dd8}\ not found.
File C:\Program Files\Retrogamer_4w\bar\1.bin\4wSrcAs.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3392cfec-56f8-41ee-bdb4-4e301efd2c93} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3392cfec-56f8-41ee-bdb4-4e301efd2c93}\ not found.
File C:\Program Files\Retrogamer_4w\bar\1.bin\4wbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Retrogamer Search Scope Monitor not found.
File C:\Program Files\Retrogamer_4w\bar\1.bin\4wSrchMn.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Retrogamer_4w Browser Plugin Loader not found.
File C:\Program Files\Retrogamer_4w\bar\1.bin\4wbrmon.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ShopAtHomeUpdater deleted successfully.
C:\Users\my computer\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ShopAtHomeWatcher deleted successfully.
C:\Users\my computer\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe moved successfully.
C:\Users\my computer\AppData\Roaming\ShopAtHome\ShopAtHomeHelper folder moved successfully.
C:\Users\my computer\AppData\Roaming\ShopAtHome folder moved successfully.
C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\searchplugins\conduit.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {4F29DE54-5EB7-4D76-B610-A86B5CD2A234}
C:\Windows\Downloaded Program Files\GameTapWebPlayer_4_4_0_7.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4F29DE54-5EB7-4D76-B610-A86B5CD2A234}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F29DE54-5EB7-4D76-B610-A86B5CD2A234}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F29DE54-5EB7-4D76-B610-A86B5CD2A234}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F29DE54-5EB7-4D76-B610-A86B5CD2A234}\ not found.
C:\Windows\Tasks\1-Click Maintenance.job moved successfully.
File C:\Windows\tasks\weDownload Manager Pro-chromeinstaller.job not found.
File C:\Windows\tasks\weDownload Manager Pro-firefoxinstaller.job not found.
File C:\Windows\tasks\weDownload Manager Pro-updater.job not found.
File C:\Windows\tasks\weDownload Manager Pro-enabler.job not found.
File C:\Windows\tasks\weDownload Manager Pro-codedownloader.job not found.
C:\Users\my computer\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\ffprotect\Dialogs folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\ffprotect folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\Dialogs\spsd\images folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\Dialogs\spsd folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\Dialogs\spbd\images folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\Dialogs\spbd folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\Dialogs folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect\bin folder moved successfully.
C:\Users\my computer\AppData\Roaming\SearchProtect folder moved successfully.
C:\Users\my computer\AppData\Roaming\TuneUp Software\TuneUp Utilities\Backups folder moved successfully.
C:\Users\my computer\AppData\Roaming\TuneUp Software\TuneUp Utilities folder moved successfully.
C:\Users\my computer\AppData\Roaming\TuneUp Software folder moved successfully.
========== FILES ==========
File\Folder C:\Program Files\Swift not found.
File\Folder C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Desktop

User: hedev
->Temp folder emptied: 43164427 bytes

User: my computer
->Temp folder emptied: 5004486 bytes
->Temporary Internet Files folder emptied: 481027058 bytes
->FireFox cache emptied: 33269944 bytes
->Google Chrome cache emptied: 27310247 bytes
->Flash cache emptied: 22672 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 115563715 bytes
RecycleBin emptied: 39533930 bytes

Total Files Cleaned = 710.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 01292014_131455

Files\Folders moved on Reboot...
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\8%26_de%3D897%26_dc%3D3238%26ld_%3D3239%26ty%3D2%26rc%3D0%26hob%3D10%26hoe%3D10%26ld%3D3267%26t%3D1379033483039%26ctb%3D1%26csmtags%3Diss-on-time%7Cnonredirect_3268[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[2].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[3].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[4].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[5].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=511;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=511;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[2].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=511;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[3].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=511;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[4].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\c3%3DjQueryActive%26pc3%3D406%26ld3%3D406%26t3%3D1379033102256%26sc4%3Due_frst%26bb4%3D409%26pc4%3D410%26ld4%3D410%26t4%3D1379033102260%26csmtags%3Diss-on-time_1367[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\c3%3DjQueryActive%26pc3%3D455%26ld3%3D455%26t3%3D1379033060036%26sc4%3Due_frst%26bb4%3D461%26pc4%3D462%26ld4%3D462%26t4%3D1379033060043%26csmtags%3Diss-on-time_1307[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\data=s__mn_search_uedata_180-1764057-6580624_ul&v=27&id=F8A753F75D194A1E9E54&ctb=1&m=1&sc=F8A753F75D194A1E9E54&pc=16757&hob=10&hoe=10&ul=16757&t=1379033463306_16757[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\ecs_B001OBU3TM@ref=pd_cart_recs1,B004T7IBZG@ref=pd_cart_recs2,B00DE5LZDY@ref=pd_cart_recs3,B004VEO19W@ref=pd_cart_recs4,B006BTZHZ2@ref=pd_cart_recs5_action=view,p=1[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=105;z=100;z=383;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=100;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=131;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\s=i4;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=383;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\_%3D-39%26de_%3D401%26_de%3D423%26_dc%3D424%26ld_%3D427%26ty%3D0%26rc%3D0%26hob%3D10%26hoe%3D10%26ld%3D430%26t%3D1379033178358%26ctb%3D1%26csmtags%3Dnonredirect_431[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\VFQA2CCW\_uedata_180-1764057-6580624_ul&v=27&id=44DD3727C75745F996FA&ctb=1&m=1&sc=44DD3727C75745F996FA&pc=2264&hob=11&hoe=11&ul=2265&t=1379033042279&csmtags=iss-on-time_2265[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\-42%26de_%3D902%26_de%3D922%26_dc%3D1546%26ld_%3D1548%26ty%3D2%26rc%3D0%26hob%3D11%26hoe%3D11%26ld%3D1560%26t%3D1379033531664%26ctb%3D1%26csmtags%3Dnonredirect_1561[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\59%26pc0%3D1013%26ld0%3D1013%26t0%3D1379033169988%26sc1%3DDAala1%26bb1%3D530%26af1%3D779%26be1%3D801%26cf1%3D906%26pc1%3D1425%26ld1%3D1425%26t1%3D1379033170400_1426[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\966%26t3%3D1379033216621%26sc4%3DDAala1%26bb4%3D232%26af4%3D676%26be4%3D707%26cf4%3D834%26pc4%3D1397%26ld4%3D1397%26t4%3D1379033217052%26csmtags%3Diss-on-time_1398[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[2].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[3].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[4].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[5].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[6].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[7].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[8].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=105;z=100;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=105;z=100;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[2].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=105;z=100;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[3].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=511;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\arch_uedata_180-1764057-6580624_ul&v=27&id=F8A753F75D194A1E9E54&ctb=1&bft=1&bfnt=1&m=1&sc=F8A753F75D194A1E9E54&pc=30777&hob=10&hoe=10&ul=30777&t=1379033510549_30778[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\c3%3DjQueryActive%26pc3%3D368%26ld3%3D368%26t3%3D1379033407249%26sc4%3Due_frst%26bb4%3D372%26pc4%3D373%26ld4%3D373%26t4%3D1379033407254%26csmtags%3Diss-on-time_1070[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\c3%3DjQueryActive%26pc3%3D375%26ld3%3D375%26t3%3D1379033178303%26sc4%3Due_frst%26bb4%3D378%26pc4%3D378%26ld4%3D378%26t4%3D1379033178306%26csmtags%3Diss-on-time_1302[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\sim_a_2,B003SHL5LK@ref=pd_sim_a_3,B002PAA84Q@ref=pd_sim_a_4,B002V44LTY@ref=pd_sim_a_5,B0035X8L96@ref=pd_sim_a_6,B00DTXG5CW@ref=pd_sim_a_7_action=view,p=1,numsims=64[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\_%3D-20%26de_%3D902%26_de%3D917%26_dc%3D918%26ld_%3D922%26ty%3D0%26rc%3D0%26hob%3D11%26hoe%3D11%26ld%3D940%26t%3D1379033040954%26ctb%3D1%26csmtags%3Dnonredirect_940[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\MBJLLWJ4\_search_uedata_180-1764057-6580624_ul&v=27&id=F8A753F75D194A1E9E54&ctb=1&bft=1&bfnt=1&m=1&sc=F8A753F75D194A1E9E54&pc=5743&hob=10&hoe=10&ul=5743&t=1379033587902_5744[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\%26t3%3D1379033447530%26sc4%3DDAala1%26bb4%3D1080%26af4%3D1678%26be4%3D1731%26cf4%3D1998%26pc4%3D2594%26ld4%3D2594%26t4%3D1379033449143%26csmtags%3Diss-on-time_2594[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\3%26_de%3D952%26_dc%3D2832%26ld_%3D2834%26ty%3D2%26rc%3D0%26hob%3D10%26hoe%3D10%26ld%3D2851%26t%3D1379033585010%26ctb%3D1%26csmtags%3Diss-on-time%7Cnonredirect_2851[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\5%26de_%3D1454%26_de%3D1475%26_dc%3D1475%26ld_%3D1480%26ty%3D0%26rc%3D0%26hob%3D10%26hoe%3D10%26ld%3D1493%26t%3D1379033448042%26ctb%3D1%26csmtags%3Dnonredirect_1494[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\5%26pc3%3D1355%26ld3%3D1355%26t3%3D1379033583514%26sc4%3DDAala1%26bb4%3D516%26af4%3D863%26be4%3D929%26cf4%3D1096%26pc4%3D2914%26ld4%3D2914%26t4%3D1379033585073_2914[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\7%26pc3%3D1634%26ld3%3D1634%26t3%3D1379033481406%26sc4%3DDAala1%26bb4%3D540%26af4%3D680%26be4%3D715%26cf4%3D1037%26pc4%3D3294%26ld4%3D3294%26t4%3D1379033483066_3294[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[2].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=105;z=100;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=105;z=100;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[2].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=511;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\data=s__mn_search_uedata_180-1764057-6580624_ul&v=27&id=D0B2FC083A214956A93E&ctb=1&m=1&sc=D0B2FC083A214956A93E&pc=18186&hob=10&hoe=10&ul=18186&t=1379033196114_18186[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\h_uedata_180-1764057-6580624_ul&v=27&id=D0B2FC083A214956A93E&ctb=1&bft=1&bfnt=1&m=1&sc=D0B2FC083A214956A93E&pc=177636&hob=10&hoe=10&ul=177636&t=1379033393291_177637[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\i_%3D-8%26de_%3D322%26_de%3D322%26_dc%3D322%26ld_%3D325%26ty%3D2%26rc%3D0%26hob%3D10%26hoe%3D10%26ld%3D327%26t%3D1379033407208%26ctb%3D1%26csmtags%3Dnonredirect_328[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0TD0PK32\pc0%3D1991%26ld0%3D1991%26t0%3D1379033142624%26sc1%3DDAala1%26bb1%3D1342%26af1%3D1472%26be1%3D1494%26cf1%3D1668%26pc1%3D1992%26ld1%3D1992%26t1%3D1379033142625_1992[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\18%26pc0%3D1104%26ld0%3D1104%26t0%3D1379033138532%26sc1%3DDAala1%26bb1%3D471%26af1%3D777%26be1%3D797%26cf1%3D918%26pc1%3D1423%26ld1%3D1423%26t1%3D1379033138851_1423[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\298%26t3%3D1379033531402%26sc4%3DDAala1%26bb4%3D551%26af4%3D865%26be4%3D898%26cf4%3D1056%26pc4%3D1594%26ld4%3D1594%26t4%3D1379033531698%26csmtags%3Diss-on-time_1594[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[2].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[3].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[4].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\;s=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=2;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[5].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=105;z=100;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=105;z=100;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[2].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=105;z=100;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http___www.amazon[3].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=511;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[1].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\=i5;s=i6;s=i7;s=i8;s=i9;s=m1;s=m4;s=u24;s=u5;s=u9;s=u17;z=511;s=3072;s=32;s=613b;s=613;s=534b;s=534;s=1009;s=1542;s=1584;s=3436;s=3717;dc_ref=http%3A%2F%2Fwww.amazon[2].js not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\arch_uedata_180-1764057-6580624_ul&v=27&id=F8A753F75D194A1E9E54&ctb=1&bft=1&bfnt=1&m=1&sc=F8A753F75D194A1E9E54&pc=13130&hob=11&hoe=11&ul=13130&t=1379033543234_13130[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\sim_a_2,B003SHL5LK@ref=pd_sim_a_3,B002PAA84Q@ref=pd_sim_a_4,B002V44LTY@ref=pd_sim_a_5,B0035X8L96@ref=pd_sim_a_6,B00DTXG5CW@ref=pd_sim_a_7_action=view,p=1,numsims=64[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\_%3D-13%26de_%3D379%26_de%3D379%26_dc%3D379%26ld_%3D383%26ty%3D2%26rc%3D0%26hob%3D10%26hoe%3D11%26ld%3D389%26t%3D1379033102239%26ctb%3D1%26csmtags%3Dnonredirect_390[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\_%3D-20%26de_%3D383%26_de%3D383%26_dc%3D384%26ld_%3D385%26ty%3D2%26rc%3D0%26hob%3D10%26hoe%3D10%26ld%3D393%26t%3D1379033059974%26ctb%3D1%26csmtags%3Dnonredirect_394[1].gif not found!
File\Folder C:\Users\my computer\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\0MT86ILT\_%3D-25%26de_%3D338%26_de%3D354%26_dc%3D354%26ld_%3D357%26ty%3D2%26rc%3D0%26hob%3D10%26hoe%3D10%26ld%3D363%26t%3D1379033216018%26ctb%3D1%26csmtags%3Dnonredirect_363[1].gif not found!
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\avg_secure_search.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 0

#9
Biscuithd
Posted 30 January 2014 - 12:29 PM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Hi there,

Glad to see your back! Let's do fresh OTL scan.

Run OTL again (as you did before) and click Quick Scan.

Copy and paste the contents of the log that it produces into your next post back to me. (There will only be an OTL.txt. No Extras.txt)
  • 0

#10
The Real Cody
Posted 31 January 2014 - 01:45 PM

The Real Cody

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
OTL logfile created on: 1/31/2014 11:32:40 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\my computer\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.27 Gb Available Physical Memory | 14.20% Memory free
3.75 Gb Paging File | 1.84 Gb Available in Paging File | 49.12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 91.80 Gb Free Space | 61.59% Space Free | Partition Type: NTFS

Computer Name: MYCOMPUTER-PC | User Name: my computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/31 11:29:41 | 000,155,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\setup\New\instup.exe
PRC - [2014/01/29 17:06:05 | 000,103,200 | ---- | M] () -- C:\Program Files\RightSurf\bin\utilRightSurf.exe
PRC - [2014/01/29 15:13:48 | 000,103,200 | ---- | M] () -- C:\Program Files\RightSurf\updateRightSurf.exe
PRC - [2014/01/29 12:51:00 | 001,863,048 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
PRC - [2014/01/29 00:09:50 | 004,329,248 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe
PRC - [2014/01/29 00:09:50 | 002,911,520 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\UI\bin\cltmngui.exe
PRC - [2014/01/29 00:09:50 | 002,301,216 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe
PRC - [2014/01/27 07:35:28 | 000,036,392 | ---- | M] (Just Develop It) -- C:\Program Files\MyPC Backup\BackupStack.exe
PRC - [2014/01/27 07:35:26 | 002,919,976 | ---- | M] (MyPCBackup.com) -- C:\Program Files\MyPC Backup\MyPC Backup.exe
PRC - [2014/01/20 17:20:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\my computer\Downloads\OTL.exe
PRC - [2014/01/13 12:00:26 | 001,177,592 | ---- | M] (PC Utilities Software Limited) -- C:\Program Files\Optimizer Pro\OptProReminder.exe
PRC - [2014/01/13 12:00:26 | 000,418,808 | ---- | M] (PC Utilities Software Limited) -- C:\Program Files\Optimizer Pro\OptProSmartScan.exe
PRC - [2014/01/11 07:36:00 | 006,118,400 | ---- | M] (Spotify Ltd) -- C:\Users\my computer\AppData\Roaming\Spotify\spotify.exe
PRC - [2014/01/11 07:35:55 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Users\my computer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/01/11 07:35:55 | 000,603,648 | ---- | M] () -- C:\Users\my computer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
PRC - [2014/01/06 07:36:40 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/01/06 07:36:40 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/01/03 03:48:26 | 000,005,632 | ---- | M] (The Neat Company) -- C:\Program Files\Neat\exec\NeatStartupService.exe
PRC - [2013/12/27 18:10:48 | 007,911,256 | ---- | M] (Systweak Inc) -- C:\Program Files\RegClean Pro\RegCleanPro.exe
PRC - [2013/12/22 12:55:57 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/12/20 22:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/11/14 00:05:20 | 000,192,512 | ---- | M] (Two Pilots) -- C:\Windows\VPDAgent.exe
PRC - [2013/10/29 17:24:17 | 013,103,104 | ---- | M] (The Weather Channel) -- C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe
PRC - [2013/10/07 11:50:28 | 000,120,096 | ---- | M] (Sendori, Inc.) -- C:\Program Files\Sendori\SendoriSvc.exe
PRC - [2013/10/07 11:50:28 | 000,083,232 | ---- | M] (Sendori, Inc.) -- C:\Program Files\Sendori\SendoriTray.exe
PRC - [2013/10/07 11:50:24 | 003,623,200 | ---- | M] (Sendori) -- C:\Program Files\Sendori\sndappv2.exe
PRC - [2013/10/07 11:50:24 | 000,022,304 | ---- | M] (sendori) -- C:\Program Files\Sendori\Sendori.Service.exe
PRC - [2013/09/06 09:30:16 | 000,273,296 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
PRC - [2013/05/01 15:00:00 | 000,577,088 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe
PRC - [2012/11/22 18:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/10/10 01:09:10 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/12/11 23:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) -- C:\Windows\System32\escsvc.exe
PRC - [2011/10/31 13:25:08 | 001,058,400 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2010/11/20 13:29:49 | 001,131,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
PRC - [2006/12/19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
PRC - [2006/06/10 01:10:57 | 000,351,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE
PRC - [2004/02/11 09:00:00 | 000,118,784 | ---- | M] (WinZip Computing, Inc.) -- C:\Program Files\WinZip\WZQKPICK.EXE


========== Modules (No Company Name) ==========

MOD - [2014/01/30 03:15:06 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75537eea06d1200805de72f3f7751091\UIAutomationTypes.ni.dll
MOD - [2014/01/30 03:15:06 | 000,100,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\0fca5e7bc50aee6cd0e059bb66fd81ec\UIAutomationProvider.ni.dll
MOD - [2014/01/30 03:15:02 | 000,399,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\49d7f498821498b3d5e9fe5bafceba41\System.Xml.Linq.ni.dll
MOD - [2014/01/30 03:14:46 | 000,163,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Wind74b7bf4b#\8cbffd48aff155032971afc9e219c1ea\System.Windows.Input.Manipulations.ni.dll
MOD - [2014/01/30 03:13:58 | 000,806,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\3b483737ce19c597d351cdb1f4eb3da0\System.ServiceModel.Internals.ni.dll
MOD - [2014/01/30 03:13:49 | 019,693,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\5bca89765ee92dd6018c3782247dba9b\System.ServiceModel.ni.dll
MOD - [2014/01/30 03:13:24 | 002,825,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\66ce786a0b16af8c3f5c480cd6e84376\System.Runtime.Serialization.ni.dll
MOD - [2014/01/30 03:13:16 | 000,530,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\827818ac7a8efa7a7ff96561dd45ec80\System.Net.Http.ni.dll
MOD - [2014/01/30 03:12:50 | 001,861,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\8527638d9c471f116ff277e4e774619d\System.Deployment.ni.dll
MOD - [2014/01/30 03:11:49 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\5c250132c9d7fb45ec9b331ec2e4ef2e\SMDiagnostics.ni.dll
MOD - [2014/01/30 03:11:38 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\19156dbc54c3ded7ba00c53d19b6ee96\PresentationFramework-SystemXml.ni.dll
MOD - [2014/01/30 03:11:38 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\64c51ef21713c34883a839dd202ff655\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2014/01/30 03:08:14 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\639f444db9491d25b5d158531e1f7d9b\System.Xaml.ni.dll
MOD - [2014/01/30 03:08:12 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\ae01d58bd1cb283ec7b603919e2a8fb3\PresentationFramework.Aero.ni.dll
MOD - [2014/01/30 03:08:10 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\034c34ee777c7a2efc9c631b1179211c\System.Runtime.Remoting.ni.dll
MOD - [2014/01/30 03:08:07 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a2eb039301af47660eebc7566ce02b9c\PresentationFramework.ni.dll
MOD - [2014/01/30 03:08:04 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d91f3556f8011a5d48e1448e3fa8df9e\System.Xml.ni.dll
MOD - [2014/01/30 03:07:53 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\4e69f1e7d86d79012db2d7e0dadc8880\System.Core.ni.dll
MOD - [2014/01/30 03:07:46 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b9fe579783a35b57dd7e69375f35e239\PresentationCore.ni.dll
MOD - [2014/01/30 03:07:44 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\05ca0ca95b6fcc0d710b63b6200cc178\System.Windows.Forms.ni.dll
MOD - [2014/01/30 03:07:33 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\ef90aeb894485d14b249d102309b6df3\WindowsBase.ni.dll
MOD - [2014/01/30 03:07:31 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\c4477b3ce64d0d612d1ab0dba425b77f\System.Drawing.ni.dll
MOD - [2014/01/30 03:07:29 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\1f56d5786274992934de0c900431c447\System.Configuration.ni.dll
MOD - [2014/01/30 03:07:27 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\79f6324a598a7c4446a4a1168be7c4b1\System.ni.dll
MOD - [2014/01/30 03:07:17 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\045c9588954c3662d542b53f4462268b\mscorlib.ni.dll
MOD - [2014/01/29 16:13:15 | 002,961,368 | ---- | M] () -- c:\Program Files\Optimizer Pro\OptProCrash.dll
MOD - [2014/01/29 12:51:00 | 016,287,624 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_12_0_0_43.dll
MOD - [2014/01/27 07:23:44 | 000,012,288 | ---- | M] () -- C:\Program Files\MyPC Backup\GetText.dll
MOD - [2014/01/27 07:05:16 | 000,904,704 | ---- | M] () -- C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll
MOD - [2014/01/11 07:36:00 | 036,967,424 | ---- | M] () -- C:\Users\my computer\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2014/01/11 07:35:55 | 000,603,648 | ---- | M] () -- C:\Users\my computer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
MOD - [2014/01/06 07:36:41 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/12/22 12:55:57 | 003,559,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/12/19 08:57:47 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5970036570c1e44e8ae0f6f94c1039aa\System.EnterpriseServices.ni.dll
MOD - [2013/12/19 08:57:47 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4ada2213cefea889a5ed6e2fb6839b93\System.Transactions.ni.dll
MOD - [2013/12/19 08:57:46 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\5b239b4d0f9c334efdd06d399b4a9ba6\System.Data.ni.dll
MOD - [2013/12/19 08:57:17 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/12/19 08:57:09 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/12/19 08:57:03 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/12/19 08:56:59 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/12/19 08:56:41 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/12/19 08:56:34 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2010/11/20 13:29:11 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/06/10 13:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2006/06/10 01:11:47 | 000,346,904 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2007\MSENCXML.DLL
MOD - [2006/06/10 01:11:47 | 000,228,120 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2007\MSENCDAT.DLL
MOD - [2006/06/10 01:11:46 | 000,260,888 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2007\ERSREGPR.DLL
MOD - [2006/06/10 01:11:46 | 000,178,968 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2007\ENCCONT.DLL
MOD - [2006/06/10 01:10:57 | 000,068,376 | ---- | M] () -- C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICTEIT.EBK


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe -- (vToolbarUpdater17.3.0)
SRV - File not found [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2014/01/29 17:06:05 | 000,103,200 | ---- | M] () [Auto | Running] -- C:\Program Files\RightSurf\bin\utilRightSurf.exe -- (Util RightSurf)
SRV - [2014/01/29 15:13:48 | 000,103,200 | ---- | M] () [Auto | Running] -- C:\Program Files\RightSurf\updateRightSurf.exe -- (Update RightSurf)
SRV - [2014/01/29 12:51:01 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/01/29 00:09:50 | 002,301,216 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2014/01/27 07:35:28 | 000,036,392 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2014/01/06 07:36:40 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/01/03 03:48:26 | 000,005,632 | ---- | M] (The Neat Company) [Auto | Running] -- C:\Program Files\Neat\exec\NeatStartupService.exe -- (Neat Startup Service)
SRV - [2013/12/22 12:55:57 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/20 22:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/26 00:29:52 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013/11/14 00:05:20 | 000,192,512 | ---- | M] (Two Pilots) [Auto | Running] -- C:\Windows\VPDAgent.exe -- (Agent)
SRV - [2013/10/07 11:50:28 | 000,120,096 | ---- | M] (Sendori, Inc.) [Auto | Running] -- C:\Program Files\Sendori\SendoriSvc.exe -- (Application Sendori)
SRV - [2013/10/07 11:50:24 | 003,623,200 | ---- | M] (Sendori) [Auto | Running] -- C:\Program Files\Sendori\sndappv2.exe -- (sndappv2)
SRV - [2013/10/07 11:50:24 | 000,022,304 | ---- | M] (sendori) [Auto | Running] -- C:\Program Files\Sendori\Sendori.Service.exe -- (Service Sendori)
SRV - [2013/09/06 09:29:38 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe -- (McComponentHostService)
SRV - [2013/05/26 20:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/01 15:00:00 | 000,577,088 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV - [2013/02/18 10:25:29 | 000,307,968 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2011/12/11 23:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\System32\escsvc.exe -- (EpsonScanSvc)
SRV - [2009/07/13 17:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 17:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 17:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2008/02/27 13:15:14 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2006/12/19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)


========== Driver Services (SafeList) ==========

DRV - [2014/01/31 11:33:35 | 000,064,168 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2014/01/31 11:33:34 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/01/31 11:33:34 | 000,410,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/01/31 11:33:34 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/01/31 11:32:48 | 000,026,136 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2014/01/31 11:31:56 | 000,265,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswNdisFlt.sys -- (aswNdisFlt)
DRV - [2014/01/06 07:36:41 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/01/06 07:36:41 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/01/06 07:36:41 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/11/30 01:24:10 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012/08/23 06:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 06:41:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012/08/23 06:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 13:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 13:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 13:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 13:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 13:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2008/06/03 06:22:56 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...r=550948739&ir=
IE - HKLM\..\SearchScopes,DefaultScope = {77AA745B-F4F8-45DA-9B14-61D2D95054C8}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://start.mysearc...r=550948739&ir=
IE - HKLM\..\SearchScopes\{ef80d754-fb77-4a7f-be75-489beebb20c9}: "URL" = http://search.tb.ask...r={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...926556E2F&SSPV=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B4 98 6E BE 02 0E CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...rchTerms}&SSPV=
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://start.mysearc...r=550948739&ir=
IE - HKCU\..\SearchScopes\{D8559971-6A9F-467D-9C70-5F5B3A0DD246}: "URL" = http://isearch.shopa...q={searchTerms}
IE - HKCU\..\SearchScopes\{ef80d754-fb77-4a7f-be75-489beebb20c9}: "URL" = http://search.tb.ask...r={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Conduit Search"
FF - prefs.js..browser.search.order.1: "Mysearchdial"
FF - prefs.js..browser.search.selectedEngine: "Conduit Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.condui...26556E2F&SSPV="
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2011.70
FF - prefs.js..extensions.enabledAddons: %7Bb9a19c25-a741-47e5-91a2-0b62bef307ff%7D:1.0.0
FF - prefs.js..extensions.enabledAddons: %7Bad9a41d2-9a49-4fa6-a79e-71a0785364c8%7D:9.5.3
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40mysearchdial.com:1.6.0
FF - prefs.js..extensions.enabledAddons: TidyNetwork%40TidyNetwork:5.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..keyword.URL: ""


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2013/10/25 08:57:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/31 11:33:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013/02/18 10:20:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\my computer\AppData\Roaming\Mozilla\Extensions
[2014/01/29 16:13:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\extensions
[2014/01/29 16:09:19 | 000,000,000 | ---D | M] ("MySearchDial NewTab") -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
[2014/01/29 16:09:19 | 000,000,000 | ---D | M] (mysearchdial.com) -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\extensions\[email protected]
[2014/01/29 16:13:25 | 000,000,000 | ---D | M] (TidyNetwork) -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\extensions\TidyNetwork@TidyNetwork
[2014/01/29 15:13:48 | 000,009,074 | ---- | M] () (No name found) -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\extensions\{b9a19c25-a741-47e5-91a2-0b62bef307ff}.xpi
[2014/01/31 11:29:50 | 000,000,975 | ---- | M] () -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\searchplugins\conduit-search.xml
[2014/01/29 16:09:25 | 000,002,399 | ---- | M] () -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\searchplugins\Mysearchdial.xml
[2013/12/22 12:55:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/12/22 12:55:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/12/22 12:55:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/01/31 11:33:38 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://mysearch.avg....sa&d=2013-11-30 01:26:18&v=17.1.3.1&pid=safeguard&sg=0&sap=hp
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.102\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll
CHR - Extension: Google Docs = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Legend of Zelda = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpfijoflofdfenhigagojenaaohhcblp\1.1_0\
CHR - Extension: Retro Arcade = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdiaccnmfdadpaajlapfhcofienimmm\0.1_0\
CHR - Extension: Whois this!! = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\0.1_0\
CHR - Extension: MySearchDial = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\
CHR - Extension: Gmail = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014/01/29 13:16:54 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (RightSurf) - {88be1aa9-6740-461c-9e3e-f35eb8fa741c} - C:\Program Files\RightSurf\RightSurfBHO.dll (RightSurf)
O2 - BHO: (TidyNetwork) - {AF2E6626-F705-3A11-EE8F-BAB265C01179} - C:\Program Files\TidyNetwork\petn.dll ()
O2 - BHO: (mysearchdial Helper Object) - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (MySearchDial)
O3 - HKLM\..\Toolbar: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (mysearchdial Toolbar) - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (MySearchDial)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LTCM Client] C:\Program Files\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Sendori Tray] C:\Program Files\Sendori\SendoriTray.exe (Sendori, Inc.)
O4 - HKCU..\Run: [DW7] C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe (The Weather Channel)
O4 - HKCU..\Run: [L07AXLRD_2686687] C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe (PC Utilities Software Limited)
O4 - HKCU..\Run: [Spotify] C:\Users\my computer\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\my computer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Users\my computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\Sendori.dll (Sendori)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6B68E26-F099-4262-B054-8EB53BF69CB7}: DhcpNameServer = 172.16.0.1
O20 - AppInit_DLLs: (c:\progra~1\searchprotect\searchprotect\bin\spvc32loader.dll) - c:\Program Files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (Conduit)
O20 - AppInit_DLLs: (c:\progra~1\optimi~1\optpro~1.dll) - c:\Program Files\Optimizer Pro\OptProCrash.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 13:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8cd00129-1fe8-11e3-94b1-0019bb4bed7f}\Shell - "" = AutoRun
O33 - MountPoints2\{8cd00129-1fe8-11e3-94b1-0019bb4bed7f}\Shell\AutoRun\command - "" = E:\AutoRun.exe {6CFADEA7-D909-405F-8B40-21DBFBBE0389} 10.2066.1.5B03 PID_0083
O33 - MountPoints2\{9faf9b4e-78d1-11e2-abd5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9faf9b4e-78d1-11e2-abd5-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/31 11:33:45 | 000,026,136 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2014/01/31 11:31:56 | 000,265,072 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdisFlt.sys
[2014/01/30 16:55:34 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Roaming\TuneUp Software
[2014/01/30 03:03:32 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/01/29 16:18:28 | 000,000,000 | ---D | C] -- C:\Users\my computer\Documents\Optimizer Pro
[2014/01/29 16:18:26 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Roaming\Optimizer Pro
[2014/01/29 16:18:24 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/01/29 16:14:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2014/01/29 16:14:03 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2014/01/29 16:13:32 | 000,325,920 | ---- | C] (Sendori) -- C:\Windows\System32\Sendori.dll
[2014/01/29 16:13:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Sendori
[2014/01/29 16:13:24 | 000,000,000 | ---D | C] -- C:\Program Files\Sendori
[2014/01/29 16:13:21 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Local\TidyNetwork
[2014/01/29 16:13:21 | 000,000,000 | ---D | C] -- C:\Program Files\TidyNetwork
[2014/01/29 16:13:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
[2014/01/29 16:13:09 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro
[2014/01/29 16:12:00 | 000,000,000 | ---D | C] -- C:\Program Files\SearchProtect
[2014/01/29 16:11:58 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Local\SearchProtect
[2014/01/29 16:05:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
[2014/01/29 16:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak
[2014/01/29 16:05:48 | 000,000,000 | ---D | C] -- C:\Program Files\Advanced System Protector
[2014/01/29 16:05:29 | 000,000,000 | ---D | C] -- C:\Program Files\RightSurf
[2014/01/29 16:05:29 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2014/01/29 16:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\MyPC Backup
[2014/01/29 16:05:04 | 000,018,776 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe
[2014/01/29 16:04:59 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Roaming\systweak
[2014/01/29 16:04:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[2014/01/29 16:04:57 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Roaming\mysearchdial
[2014/01/29 16:04:56 | 000,000,000 | ---D | C] -- C:\Program Files\RegClean Pro
[2014/01/29 16:04:54 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
[2014/01/29 16:04:52 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Local\Programs
[2014/01/29 16:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mysearchdial
[2014/01/29 16:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Converter
[2014/01/29 16:04:46 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Roaming\DigitalSites
[2014/01/29 16:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Image Converter
[2014/01/29 13:31:59 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/29 13:14:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/25 14:28:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2014/01/19 13:16:40 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/01/15 12:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2014/01/14 12:45:47 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2014/01/14 12:45:45 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2014/01/14 12:45:44 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2014/01/14 12:44:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014/01/14 12:44:44 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2014/01/14 12:44:04 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/01/09 14:16:21 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Roaming\Neat
[2014/01/09 14:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Nuance
[2014/01/09 14:16:17 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Roaming\Nuance
[2014/01/09 14:08:13 | 000,000,000 | ---D | C] -- C:\Users\my computer\Documents\Neat Data
[2014/01/09 13:57:04 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Local\The Neat Company
[2014/01/09 13:30:08 | 000,192,512 | ---- | C] (Two Pilots) -- C:\Windows\VPDAgent.exe
[2014/01/09 13:30:08 | 000,000,000 | ---D | C] -- C:\Program Files\Send To Neat
[2014/01/09 13:29:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Neat ADF Scanner
[2014/01/09 13:29:24 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Neat Mobile Scanner
[2014/01/09 13:29:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Neat ADF Scanner 2008 Calibration Data
[2014/01/09 13:28:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Neat Mobile Scanner 2008 Calibration Data
[2014/01/09 13:28:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\NeatReceipts
[2014/01/09 13:28:07 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\741
[2014/01/09 13:27:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neat
[2014/01/09 13:26:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intuit
[2014/01/09 13:26:38 | 000,000,000 | ---D | C] -- C:\ProgramData\The Neat Company
[2014/01/09 13:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\Neat
[2014/01/09 13:25:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2014/01/09 13:25:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2014/01/09 13:24:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\The Neat Company
[2014/01/06 07:37:39 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Roaming\AVAST Software
[2014/01/06 07:37:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/01/06 07:36:51 | 000,064,168 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014/01/06 07:36:50 | 000,775,952 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/06 07:36:49 | 000,410,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/06 07:36:49 | 000,067,824 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/06 07:36:48 | 000,079,720 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/01/06 07:36:43 | 000,270,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/06 07:36:41 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/06 07:36:15 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/01/06 07:35:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software

========== Files - Modified Within 30 Days ==========

[2014/01/31 11:37:12 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/31 11:36:15 | 000,021,280 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/31 11:36:15 | 000,021,280 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/31 11:35:02 | 000,002,113 | ---- | M] () -- C:\Users\Public\Desktop\avast! SafeZone.lnk
[2014/01/31 11:35:02 | 000,002,053 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2014/01/31 11:33:35 | 000,064,168 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014/01/31 11:33:34 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/31 11:33:34 | 000,410,784 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/31 11:33:34 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/31 11:33:32 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/31 11:33:31 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/31 11:32:48 | 000,026,136 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2014/01/31 11:31:56 | 000,265,072 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswNdisFlt.sys
[2014/01/31 11:27:43 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/31 11:27:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/31 11:27:09 | 1508,634,624 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/31 10:04:00 | 000,000,310 | ---- | M] () -- C:\Windows\tasks\Digital Sites.job
[2014/01/31 09:52:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/30 16:43:33 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2014/01/30 03:25:44 | 000,000,284 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2014/01/30 03:06:13 | 000,661,656 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/30 03:06:13 | 000,121,524 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/29 16:14:34 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2014/01/29 16:13:13 | 000,001,020 | ---- | M] () -- C:\Users\my computer\Desktop\Optimizer Pro.lnk
[2014/01/29 16:12:01 | 000,000,000 | ---- | M] () -- C:\END
[2014/01/29 16:05:56 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Advanced System Protector.lnk
[2014/01/29 16:05:39 | 000,001,915 | ---- | M] () -- C:\Users\my computer\Desktop\Sync Folder.lnk
[2014/01/29 16:05:31 | 000,001,055 | ---- | M] () -- C:\Users\my computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/01/29 16:05:30 | 000,001,045 | ---- | M] () -- C:\Users\my computer\Desktop\MyPC Backup.lnk
[2014/01/29 16:05:07 | 000,000,399 | ---- | M] () -- C:\Users\my computer\Desktop\MySearchDial.url
[2014/01/29 16:05:07 | 000,000,394 | ---- | M] () -- C:\Users\my computer\Desktop\FREE Games.url
[2014/01/29 16:05:01 | 000,001,008 | ---- | M] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2014/01/29 16:04:57 | 000,366,611 | ---- | M] () -- C:\Users\my computer\AppData\Local\mysearchdial-speeddial.crx
[2014/01/29 16:04:47 | 000,001,224 | ---- | M] () -- C:\Users\Public\Desktop\Image Converter.lnk
[2014/01/29 13:16:54 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2014/01/29 11:59:03 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/29 11:28:21 | 000,000,062 | ---- | M] () -- C:\Users\Public\Desktop\Are You Smarter Than A 5th Grader Make The Grade.url
[2014/01/19 13:16:31 | 144,264,935 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/01/16 03:21:19 | 000,437,904 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/01/15 14:26:03 | 000,656,402 | ---- | M] () -- C:\Users\my computer\Documents\img005.pdf
[2014/01/15 12:46:57 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2014/01/15 12:46:57 | 000,002,012 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/01/15 11:58:56 | 000,336,661 | ---- | M] () -- C:\Users\my computer\Documents\img004.jpg
[2014/01/15 11:53:43 | 026,850,922 | ---- | M] () -- C:\Users\my computer\Documents\img003.bmp
[2014/01/15 11:50:53 | 000,293,248 | ---- | M] () -- C:\Users\my computer\Documents\img002.pdf
[2014/01/14 12:45:13 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/01/09 13:30:13 | 000,001,814 | ---- | M] () -- C:\Users\Public\Desktop\Neat.lnk
[2014/01/06 07:36:41 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/06 07:36:41 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/01/06 07:36:41 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys

========== Files Created - No Company Name ==========

[2014/01/31 11:35:02 | 000,002,113 | ---- | C] () -- C:\Users\Public\Desktop\avast! SafeZone.lnk
[2014/01/31 11:35:02 | 000,002,053 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2014/01/29 16:14:34 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2014/01/29 16:13:13 | 000,001,020 | ---- | C] () -- C:\Users\my computer\Desktop\Optimizer Pro.lnk
[2014/01/29 16:12:01 | 000,000,000 | ---- | C] () -- C:\END
[2014/01/29 16:08:50 | 000,366,611 | ---- | C] () -- C:\Users\my computer\AppData\Local\mysearchdial-speeddial.crx
[2014/01/29 16:05:56 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Advanced System Protector.lnk
[2014/01/29 16:05:48 | 000,017,136 | ---- | C] () -- C:\Windows\System32\sasnative32.exe
[2014/01/29 16:05:39 | 000,001,915 | ---- | C] () -- C:\Users\my computer\Desktop\Sync Folder.lnk
[2014/01/29 16:05:38 | 000,000,276 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2014/01/29 16:05:35 | 000,000,284 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2014/01/29 16:05:31 | 000,001,055 | ---- | C] () -- C:\Users\my computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/01/29 16:05:30 | 000,001,045 | ---- | C] () -- C:\Users\my computer\Desktop\MyPC Backup.lnk
[2014/01/29 16:05:07 | 000,000,399 | ---- | C] () -- C:\Users\my computer\Desktop\MySearchDial.url
[2014/01/29 16:05:07 | 000,000,394 | ---- | C] () -- C:\Users\my computer\Desktop\FREE Games.url
[2014/01/29 16:05:01 | 000,001,008 | ---- | C] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2014/01/29 16:04:50 | 000,000,310 | ---- | C] () -- C:\Windows\tasks\Digital Sites.job
[2014/01/29 16:04:47 | 000,001,224 | ---- | C] () -- C:\Users\Public\Desktop\Image Converter.lnk
[2014/01/29 11:28:21 | 000,000,062 | ---- | C] () -- C:\Users\Public\Desktop\Are You Smarter Than A 5th Grader Make The Grade.url
[2014/01/19 13:16:31 | 144,264,935 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/01/15 14:24:50 | 000,656,402 | ---- | C] () -- C:\Users\my computer\Documents\img005.pdf
[2014/01/15 11:58:55 | 000,336,661 | ---- | C] () -- C:\Users\my computer\Documents\img004.jpg
[2014/01/15 11:53:48 | 026,850,922 | ---- | C] () -- C:\Users\my computer\Documents\img003.bmp
[2014/01/15 11:50:52 | 000,293,248 | ---- | C] () -- C:\Users\my computer\Documents\img002.pdf
[2014/01/14 12:45:45 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2014/01/14 12:45:45 | 000,002,012 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/01/14 12:45:13 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/01/14 12:45:13 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/01/09 13:30:13 | 000,001,814 | ---- | C] () -- C:\Users\Public\Desktop\Neat.lnk
[2014/01/09 13:30:00 | 000,048,640 | ---- | C] () -- C:\Windows\System32\sdtnpm.dll
[2014/01/06 07:36:50 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/06 07:36:49 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/07/14 16:47:32 | 000,000,106 | ---- | C] () -- C:\Windows\XP200.ini
[2013/02/18 10:54:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2009/07/13 20:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 17:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 17:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014/01/29 16:04:54 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
[2014/01/06 07:37:39 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\AVAST Software
[2014/01/29 16:04:46 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\DigitalSites
[2014/01/15 11:48:59 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\Epson
[2013/07/16 13:11:53 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\Leader Technologies
[2013/07/14 18:48:01 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\Leadertech
[2014/01/29 16:04:57 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\mysearchdial
[2014/01/09 14:16:21 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\Neat
[2014/01/09 14:16:17 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\Nuance
[2014/01/29 16:18:26 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\Optimizer Pro
[2014/01/31 11:35:06 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\Spotify
[2014/01/29 16:05:59 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\systweak
[2014/01/30 16:55:34 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\TuneUp Software

========== Purity Check ==========



< End of report >
  • 0

Advertisements

#11
The Real Cody
Posted 31 January 2014 - 01:49 PM

The Real Cody

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
These adds are driving me crazy. They came back with a vengeance. I also now suddenly have some program trying to backup my computer and a reg cleaner that I can only get rid of thru my task manager.
  • 0

#12
The Real Cody
Posted 31 January 2014 - 01:51 PM

The Real Cody

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
I also am getting redirected now. OMG! Help!!
  • 0

#13
Biscuithd
Posted 01 February 2014 - 03:55 PM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Hello The Real Cody,

I will review your log and develop a fix for you either later today or tomorrow. That said, I did give a quick look to your most recent log. In the last few days I see evidence that you've download several programs that are causing issues for you. I mean this in the nicest way, but you are adding problematic programs faster than I can remove them! Please refrain from downloading anything until we get the machine fixed. And, even then, you have to use some thought before you allow something to be downloaded. I will provide more guidance later.
  • 0

#14
The Real Cody
Posted 01 February 2014 - 04:40 PM

The Real Cody

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
I apologize for that. I just chewed out everyone in regards to this issue. I will do my absolute best to stop this from happening. Thank you for the heads up.
  • 0

#15
Biscuithd
Posted 03 February 2014 - 12:42 PM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Hello The Real Cody


I apologize for that. I just chewed out everyone in regards to this issue. I will do my absolute best to stop this from happening. Thank you for the heads up.



Glad to help Posted Image There is quite a bit to remove on this computer, so it will take a few passes. Again, no downloading until we're done, ok Posted Image


Chrome Homepage

Please follow these steps here to change the homepage. (I recommend changing it to Google.com)


OTL Fix

  • Run OTL as you did before.
  • Copy the text in the quote box below (do not copy the word "quote") and paste in the in the box marked Custom Scans/Fixes as shown in the graphic below.

Posted Image

:Commands
[createrestorepoint]

:OTL
PRC - [2014/01/29 17:06:05 | 000,103,200 | ---- | M] () -- C:\Program Files\RightSurf\bin\utilRightSurf.exe
PRC - [2014/01/29 15:13:48 | 000,103,200 | ---- | M] () -- C:\Program Files\RightSurf\updateRightSurf.exe
PRC - [2014/01/29 00:09:50 | 004,329,248 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe
PRC - [2014/01/29 00:09:50 | 002,911,520 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\UI\bin\cltmngui.exe
PRC - [2014/01/29 00:09:50 | 002,301,216 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe
PRC - [2014/01/27 07:35:28 | 000,036,392 | ---- | M] (Just Develop It) -- C:\Program Files\MyPC Backup\BackupStack.exe
PRC - [2014/01/27 07:35:26 | 002,919,976 | ---- | M] (MyPCBackup.com) -- C:\Program Files\MyPC Backup\MyPC Backup.exe
PRC - [2014/01/13 12:00:26 | 001,177,592 | ---- | M] (PC Utilities Software Limited) -- C:\Program Files\Optimizer Pro\OptProReminder.exe
PRC - [2014/01/13 12:00:26 | 000,418,808 | ---- | M] (PC Utilities Software Limited) -- C:\Program Files\Optimizer Pro\OptProSmartScan.exe
PRC - [2013/12/27 18:10:48 | 007,911,256 | ---- | M] (Systweak Inc) -- C:\Program Files\RegClean Pro\RegCleanPro.exe
PRC - [2013/10/07 11:50:28 | 000,120,096 | ---- | M] (Sendori, Inc.) -- C:\Program Files\Sendori\SendoriSvc.exe
PRC - [2013/10/07 11:50:28 | 000,083,232 | ---- | M] (Sendori, Inc.) -- C:\Program Files\Sendori\SendoriTray.exe
PRC - [2013/10/07 11:50:24 | 003,623,200 | ---- | M] (Sendori) -- C:\Program Files\Sendori\sndappv2.exe
PRC - [2013/10/07 11:50:24 | 000,022,304 | ---- | M] (sendori) -- C:\Program Files\Sendori\Sendori.Service.exe
MOD - [2014/01/29 16:13:15 | 002,961,368 | ---- | M] () -- c:\Program Files\Optimizer Pro\OptProCrash.dll
MOD - [2014/01/27 07:23:44 | 000,012,288 | ---- | M] () -- C:\Program Files\MyPC Backup\GetText.dll
MOD - [2014/01/27 07:05:16 | 000,904,704 | ---- | M] () -- C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll
SRV - [2014/01/29 17:06:05 | 000,103,200 | ---- | M] () [Auto | Running] -- C:\Program Files\RightSurf\bin\utilRightSurf.exe -- (Util RightSurf)
SRV - [2014/01/29 15:13:48 | 000,103,200 | ---- | M] () [Auto | Running] -- C:\Program Files\RightSurf\updateRightSurf.exe -- (Update RightSurf)
SRV - [2014/01/29 12:51:01 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/01/29 00:09:50 | 002,301,216 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2014/01/27 07:35:28 | 000,036,392 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/10/07 11:50:28 | 000,120,096 | ---- | M] (Sendori, Inc.) [Auto | Running] -- C:\Program Files\Sendori\SendoriSvc.exe -- (Application Sendori)
SRV - [2013/10/07 11:50:24 | 003,623,200 | ---- | M] (Sendori) [Auto | Running] -- C:\Program Files\Sendori\sndappv2.exe -- (sndappv2)
SRV - [2013/10/07 11:50:24 | 000,022,304 | ---- | M] (sendori) [Auto | Running] -- C:\Program Files\Sendori\Sendori.Service.exe -- (Service Sendori)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...r=550948739&ir=
IE - HKLM\..\SearchScopes,DefaultScope = {77AA745B-F4F8-45DA-9B14-61D2D95054C8}
IE - HKLM\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://start.mysearc...r=550948739&ir=
IE - HKLM\..\SearchScopes\{ef80d754-fb77-4a7f-be75-489beebb20c9}: "URL" = http://search.tb.ask...r={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...926556E2F&SSPV=
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...rchTerms}&SSPV=
IE - HKCU\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://start.mysearc...r=550948739&ir=
IE - HKCU\..\SearchScopes\{D8559971-6A9F-467D-9C70-5F5B3A0DD246}: "URL" = http://isearch.shopa...q={searchTerms}
IE - HKCU\..\SearchScopes\{ef80d754-fb77-4a7f-be75-489beebb20c9}: "URL" = http://search.tb.ask...r={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "Conduit Search"
FF - prefs.js..browser.search.order.1: "Mysearchdial"
FF - prefs.js..browser.search.selectedEngine: "Conduit Search"
FF - prefs.js..browser.startup.homepage: "http://search.condui...26556E2F&SSPV="
FF - prefs.js..extensions.enabledAddons: %7Bb9a19c25-a741-47e5-91a2-0b62bef307ff%7D:1.0.0
FF - prefs.js..extensions.enabledAddons: %7Bad9a41d2-9a49-4fa6-a79e-71a0785364c8%7D:9.5.3
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40mysearchdial.com:1.6.0
FF - prefs.js..extensions.enabledAddons: TidyNetwork%40TidyNetwork:5.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
[2014/01/29 16:09:19 | 000,000,000 | ---D | M] ("MySearchDial NewTab") -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
[2014/01/29 16:09:19 | 000,000,000 | ---D | M] (mysearchdial.com) -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\extensions\[email protected]
[2014/01/29 16:13:25 | 000,000,000 | ---D | M] (TidyNetwork) -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\extensions\TidyNetwork@TidyNetwork
[2014/01/29 15:13:48 | 000,009,074 | ---- | M] () (No name found) -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\extensions\{b9a19c25-a741-47e5-91a2-0b62bef307ff}.xpi
[2014/01/31 11:29:50 | 000,000,975 | ---- | M] () -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\searchplugins\conduit-search.xml
[2014/01/29 16:09:25 | 000,002,399 | ---- | M] () -- C:\Users\my computer\AppData\Roaming\Mozilla\Firefox\Profiles\j30s7tgw.default\searchplugins\Mysearchdial.xml
CHR - Extension: MySearchDial = C:\Users\my computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\
O2 - BHO: (RightSurf) - {88be1aa9-6740-461c-9e3e-f35eb8fa741c} - C:\Program Files\RightSurf\RightSurfBHO.dll (RightSurf)
O2 - BHO: (TidyNetwork) - {AF2E6626-F705-3A11-EE8F-BAB265C01179} - C:\Program Files\TidyNetwork\petn.dll ()
O2 - BHO: (mysearchdial Helper Object) - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (MySearchDial)
O3 - HKLM\..\Toolbar: (mysearchdial Toolbar) - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (MySearchDial)
O4 - HKLM..\Run: [Sendori Tray] C:\Program Files\Sendori\SendoriTray.exe (Sendori, Inc.)
O4 - HKCU..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe (PC Utilities Software Limited)
O4 - Startup: C:\Users\my computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\Sendori.dll (Sendori)
O20 - AppInit_DLLs: (c:\progra~1\optimi~1\optpro~1.dll) - c:\Program Files\Optimizer Pro\OptProCrash.dll ()
[2014/01/29 16:18:28 | 000,000,000 | ---D | C] -- C:\Users\my computer\Documents\Optimizer Pro
[2014/01/29 16:18:26 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Roaming\Optimizer Pro
[2014/01/29 16:18:24 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/01/29 16:13:32 | 000,325,920 | ---- | C] (Sendori) -- C:\Windows\System32\Sendori.dll
[2014/01/29 16:13:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Sendori
[2014/01/29 16:13:24 | 000,000,000 | ---D | C] -- C:\Program Files\Sendori
[2014/01/29 16:13:21 | 000,000,000 | ---D | C] -- C:\Program Files\TidyNetwork
[2014/01/29 16:13:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
[2014/01/29 16:13:09 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro
[2014/01/29 16:12:00 | 000,000,000 | ---D | C] -- C:\Program Files\SearchProtect
[2014/01/29 16:11:58 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Local\SearchProtect
[2014/01/29 16:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak
[2014/01/29 16:05:29 | 000,000,000 | ---D | C] -- C:\Program Files\RightSurf
[2014/01/29 16:05:29 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2014/01/29 16:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\MyPC Backup
[2014/01/29 16:05:04 | 000,018,776 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe
[2014/01/29 16:04:59 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Roaming\systweak
[2014/01/29 16:04:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[2014/01/29 16:04:56 | 000,000,000 | ---D | C] -- C:\Program Files\RegClean Pro
[2014/01/29 16:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mysearchdial
[2014/01/30 16:43:33 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2014/01/30 03:25:44 | 000,000,284 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2014/01/29 16:13:13 | 000,001,020 | ---- | M] () -- C:\Users\my computer\Desktop\Optimizer Pro.lnk
[2014/01/29 16:05:31 | 000,001,055 | ---- | M] () -- C:\Users\my computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/01/29 16:05:30 | 000,001,045 | ---- | M] () -- C:\Users\my computer\Desktop\MyPC Backup.lnk
[2014/01/29 16:05:07 | 000,000,399 | ---- | M] () -- C:\Users\my computer\Desktop\MySearchDial.url
[2014/01/29 16:05:01 | 000,001,008 | ---- | M] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2014/01/29 16:04:57 | 000,366,611 | ---- | M] () -- C:\Users\my computer\AppData\Local\mysearchdial-speeddial.crx
[2014/01/29 16:13:13 | 000,001,020 | ---- | C] () -- C:\Users\my computer\Desktop\Optimizer Pro.lnk
[2014/01/29 16:08:50 | 000,366,611 | ---- | C] () -- C:\Users\my computer\AppData\Local\mysearchdial-speeddial.crx
[2014/01/29 16:05:38 | 000,000,276 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2014/01/29 16:05:35 | 000,000,284 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2014/01/29 16:05:31 | 000,001,055 | ---- | C] () -- C:\Users\my computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/01/29 16:05:30 | 000,001,045 | ---- | C] () -- C:\Users\my computer\Desktop\MyPC Backup.lnk
[2014/01/29 16:05:07 | 000,000,399 | ---- | C] () -- C:\Users\my computer\Desktop\MySearchDial.url
[2014/01/29 16:05:01 | 000,001,008 | ---- | C] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2014/01/29 16:04:57 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\mysearchdial
[2014/01/29 16:18:26 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\Optimizer Pro
[2014/01/29 16:05:59 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\systweak
O20 - AppInit_DLLs: (c:\progra~1\searchprotect\searchprotect\bin\spvc32loader.dll) - c:\Program Files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (Conduit)
O33 - MountPoints2\{8cd00129-1fe8-11e3-94b1-0019bb4bed7f}\Shell\AutoRun\command - "" = E:\AutoRun.exe {6CFADEA7-D909-405F-8B40-21DBFBBE0389}10.2066.1.5B03 PID_0083
[2014/01/29 16:04:57 | 000,000,000 | ---D | C] -- C:\Users\my computer\AppData\Roaming\mysearchdial
[2014/01/31 10:04:00 | 000,000,310 | ---- | M] () -- C:\Windows\tasks\Digital Sites.job
[2014/01/30 16:55:34 | 000,000,000 | ---D | M] -- C:\Users\my computer\AppData\Roaming\TuneUp Software

:Commands
[emptytemp]




Then press the Run Fix button

Your computer will reboot. If it does not, please manually reboot.

Next, scan with RogueKiller

Download link for 64 bit system


Let the pre-scan finish. After that click on Scan;The scan won't take long;A log has been created on your Desktop;Copy and paste the content of the log in your next reply.

Re-Run OTL

Run OTL again and click Quick Scan.

Copy and paste the contents of the log that it produces into your next post back to me.

To summerize, you should be posting a RogueKiller scan and an OTL scan back to me.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP