Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows 7 running too slow ...


  • This topic is locked This topic is locked

#1
Nanee5_08

Nanee5_08

    Member

  • Member
  • PipPip
  • 55 posts
Hello! I have an Acer Aspire that is running Windows 7 premium home edition. I am trying to get it up to snuff so I can use it, as I haven't messed with it very much. It seems to run kinda slow, especially the web browsers (Chrome and Mozilla). I took the liberty of running OTL and am adding the logs just to get things going. Thanks in advance.

OTL logfile created on: 3/1/2014 9:01:16 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Donna\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16798)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.95 Mb Total Physical Memory | 157.44 Mb Available Physical Memory | 15.53% Memory free
1.99 Gb Paging File | 0.43 Gb Available in Paging File | 21.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.95 Gb Total Space | 109.14 Gb Free Space | 79.70% Space Free | Partition Type: NTFS

Computer Name: DONNA-PC | User Name: Donna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/03/01 20:42:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Donna\Desktop\OTL.exe
PRC - [2014/03/01 18:55:22 | 001,863,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
PRC - [2014/03/01 16:51:46 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/03/01 11:43:55 | 002,552,856 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2014/03/01 11:42:27 | 001,771,544 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
PRC - [2014/03/01 11:42:27 | 000,159,768 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
PRC - [2013/10/23 18:24:25 | 000,235,728 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
PRC - [2013/10/23 18:24:25 | 000,057,520 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
PRC - [2013/08/01 18:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013/06/24 20:58:43 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/09/30 16:47:36 | 000,703,008 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
PRC - [2009/09/30 16:47:14 | 000,727,584 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
PRC - [2009/09/30 16:46:28 | 000,469,536 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
PRC - [2009/09/10 07:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009/08/28 03:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Registration\GregHSRW.exe
PRC - [2009/08/18 03:42:08 | 001,157,128 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2009/07/10 04:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2009/07/03 20:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/06/04 21:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe


========== Modules (No Company Name) ==========

MOD - [2014/03/01 18:55:21 | 016,265,096 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_12_0_0_70.dll
MOD - [2014/03/01 16:51:42 | 003,578,992 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/03/01 16:04:29 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\5bce8f20c40a761f9d863216fef8f3ce\UIAutomationProvider.ni.dll
MOD - [2014/03/01 16:04:00 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d116eda30a35c490e59221b0ebac6fcd\System.Xaml.ni.dll
MOD - [2014/03/01 16:02:43 | 000,044,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\13c50e7f6e6117b893e062d05602a404\Accessibility.ni.dll
MOD - [2014/03/01 15:18:45 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\880358291baf3043e07b2a7c2f401c85\PresentationFramework.ni.dll
MOD - [2014/03/01 15:17:32 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\db591e35967527b7b864124303dea13a\PresentationCore.ni.dll
MOD - [2014/03/01 15:17:14 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\4bfb0decf7cfe076020f64ee6dd007cc\PresentationFramework.Aero.ni.dll
MOD - [2014/03/01 15:16:47 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\2781e84862746a34f026d0ee179eed2b\System.Windows.Forms.ni.dll
MOD - [2014/03/01 15:16:17 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dc74ab189aa9b156581a7228866d3330\WindowsBase.ni.dll
MOD - [2014/03/01 15:15:31 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\243ff1822abc8282cb8fee37538170b4\System.Drawing.ni.dll
MOD - [2014/03/01 15:13:48 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\850fa7110c7423c324762c1ad3130219\System.Xml.ni.dll
MOD - [2014/03/01 15:13:12 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\4c906eb82e6f56aea01b2a7291fab7ea\System.ni.dll
MOD - [2014/03/01 15:12:44 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\4e62d1d9b7dd2c2d14915abb73c22d50\mscorlib.ni.dll
MOD - [2014/03/01 11:43:55 | 002,552,856 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2014/03/01 11:42:28 | 000,519,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll
MOD - [2014/02/19 19:03:05 | 000,394,568 | ---- | M] () -- C:\Users\Donna\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppgooglenaclpluginchrome.dll
MOD - [2014/02/19 19:03:04 | 013,632,840 | ---- | M] () -- C:\Users\Donna\AppData\Local\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
MOD - [2014/02/19 19:03:03 | 004,060,488 | ---- | M] () -- C:\Users\Donna\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll
MOD - [2014/02/19 19:02:56 | 001,647,432 | ---- | M] () -- C:\Users\Donna\AppData\Local\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
MOD - [2014/02/19 19:02:54 | 000,051,016 | ---- | M] () -- C:\Users\Donna\AppData\Local\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
MOD - [2013/09/29 20:19:31 | 004,591,616 | ---- | M] () -- C:\Users\Donna\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libGLESv2.dll
MOD - [2013/09/29 20:19:31 | 000,112,128 | ---- | M] () -- C:\Users\Donna\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libEGL.dll
MOD - [2013/03/19 12:07:15 | 000,508,136 | ---- | M] () -- C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2014/03/01 18:55:22 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/03/01 16:51:44 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/03/01 11:42:27 | 001,771,544 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe -- (vToolbarUpdater17.3.0)
SRV - [2013/10/23 18:24:25 | 000,057,520 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe -- (gzserv)
SRV - [2013/05/26 22:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2010/05/20 00:02:18 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/09/30 16:47:14 | 000,727,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009/09/10 07:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/08/28 03:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/07/13 19:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/10 04:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009/07/03 20:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - [2013/11/12 18:11:58 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/07/16 15:06:06 | 000,135,472 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys -- (bdselfpr)
DRV - [2013/07/02 14:03:59 | 000,108,008 | ---- | M] (Bitdefender SRL) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys -- (bdfwfpf)
DRV - [2013/05/28 12:11:21 | 000,355,744 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\trufos.sys -- (trufos)
DRV - [2013/04/22 13:20:34 | 000,164,952 | ---- | M] (BitDefender LLC) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\gzflt.sys -- (gzflt)
DRV - [2013/04/17 14:59:04 | 000,633,344 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avc3.sys -- (avc3)
DRV - [2013/04/17 14:59:04 | 000,486,536 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\avckf.sys -- (avckf)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/11/20 04:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2009/09/20 20:58:28 | 001,218,048 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/27 01:06:44 | 000,051,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2009/06/23 20:59:10 | 000,167,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/06/02 05:15:40 | 000,060,976 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2009/06/02 05:15:38 | 000,016,432 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2009/06/02 05:15:34 | 000,018,992 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...04wwl5w4942r24o
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 31 9B E9 C5 5F AF CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{34A0FC6D-9B4A-4550-B1DB-E0F41C49EDE4}: "URL" = http://www.mysearchr...q={searchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...&rlz=1I7ACAW_en
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2013-06-18 21:43:37&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...TDF&PC=WLEM&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledAddons: chachaguidebar%40chacha.com:1.2
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:17.0.0.9
FF - prefs.js..extensions.enabledAddons: addon%40defaulttab.com:2.3.2
FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:3.2.0.20140128092014
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: [email protected]:15.3.0.11
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1423
FF - prefs.js..extensions.enabledItems: [email protected]:2.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.00.01
FF - prefs.js..keyword.URL: "http://isearch.avg.c...fr&d=2013-06-18 21:43:37&pid=avg&sg=0&v=15.3.0.11&sap=ku&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Donna\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Donna\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\FireFoxExt\17.0.0.9 [2013/09/29 17:40:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/03/01 16:51:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/03/01 16:51:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/03/01 16:51:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/03/01 16:51:24 | 000,000,000 | ---D | M]

[2010/01/28 23:43:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donna\AppData\Roaming\Mozilla\Extensions
[2014/03/01 18:48:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\3a22vja7.default\extensions
[2014/03/01 16:31:51 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\3a22vja7.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/04/24 17:36:53 | 000,000,000 | ---D | M] (ChaCha Guide App Toolbar) -- C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\3a22vja7.default\extensions\[email protected]
[2014/03/01 18:48:03 | 000,050,738 | ---- | M] () (No name found) -- C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\3a22vja7.default\extensions\[email protected]
[2010/12/02 19:28:43 | 000,001,832 | ---- | M] () -- C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\3a22vja7.default\searchplugins\bing.xml
[2014/03/01 20:11:30 | 000,001,977 | ---- | M] () -- C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\3a22vja7.default\searchplugins\search-here.xml
[2014/03/01 16:51:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/03/01 16:51:48 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/03/01 16:51:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2014/03/01 16:51:21 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/09/29 17:40:08 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\17.0.0.9
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://my.yahoo.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Donna\AppData\Local\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Donna\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Donna\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.1\\npsitesafety.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Tibi = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahfnihbbceiilhalikfkonbipolponko\2_0\
CHR - Extension: ChaCha Guide Application extension = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebelbcbfjbbogojkmekbhaigjbceojff\28_0\
CHR - Extension: AVG Security Toolbar = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.3.0.49_0\
CHR - Extension: Google Wallet = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\

O1 HOSTS File: ([2009/06/10 15:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E416102B-D8CB-4A47-B667-2EA56E8E419B}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/03/01 20:42:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Donna\Desktop\OTL.exe
[2014/03/01 18:54:11 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Adobe
[2014/03/01 18:30:01 | 000,242,504 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avchv.sys
[2014/03/01 18:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
[2014/03/01 18:12:21 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2014/03/01 18:12:02 | 000,633,344 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avc3.sys
[2014/03/01 18:12:02 | 000,486,536 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avckf.sys
[2014/03/01 17:59:55 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2014/03/01 17:59:51 | 000,164,952 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\gzflt.sys
[2014/03/01 17:59:48 | 000,355,744 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys
[2014/03/01 17:59:27 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\QuickScan
[2014/03/01 16:51:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/03/01 16:36:35 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Malwarebytes
[2014/03/01 16:36:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/03/01 16:36:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/03/01 16:36:01 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/03/01 16:36:01 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014/03/01 16:14:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/03/01 16:14:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014/03/01 14:52:28 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\{D3CB01E7-7ECE-4127-940B-D84B6DE40288}
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/03/01 20:42:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Donna\Desktop\OTL.exe
[2014/03/01 20:42:05 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1834033059-1348628536-3071649529-1000UA.job
[2014/03/01 20:41:16 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/01 20:40:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/01 20:26:03 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/01 18:30:02 | 000,242,504 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\avchv.sys
[2014/03/01 18:26:32 | 000,002,842 | ---- | M] () -- C:\Windows\System32\lic2.xml21886
[2014/03/01 18:13:01 | 001,580,165 | ---- | M] () -- C:\ProgramData\1393718368.bdinstall.bin
[2014/03/01 18:12:28 | 000,002,140 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
[2014/03/01 18:03:35 | 000,015,376 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/01 18:03:35 | 000,015,376 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/01 17:56:17 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/01 17:55:19 | 797,396,992 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/01 16:36:06 | 000,001,035 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/01 16:31:45 | 000,000,126 | ---- | M] () -- C:\Windows\wininit.ini
[2014/03/01 16:14:58 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/03/01 15:56:27 | 000,624,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/03/01 15:56:27 | 000,106,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/03/01 15:48:10 | 000,359,960 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/03/01 15:17:09 | 000,002,336 | ---- | M] () -- C:\Users\Donna\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/03/01 15:17:05 | 000,002,334 | ---- | M] () -- C:\Users\Donna\Desktop\Google Chrome.lnk
[2014/03/01 14:42:06 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1834033059-1348628536-3071649529-1000Core.job
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/03/01 18:14:16 | 000,002,842 | ---- | C] () -- C:\Windows\System32\lic2.xml21886
[2014/03/01 18:13:00 | 001,580,165 | ---- | C] () -- C:\ProgramData\1393718368.bdinstall.bin
[2014/03/01 18:12:28 | 000,002,140 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
[2014/03/01 16:36:06 | 000,001,035 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/01 16:31:45 | 000,000,126 | ---- | C] () -- C:\Windows\wininit.ini
[2014/03/01 16:14:57 | 000,001,085 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/03/01 16:14:57 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/11/12 21:32:01 | 000,007,605 | ---- | C] () -- C:\Users\Donna\AppData\Local\Resmon.ResmonCfg
[2013/09/29 18:40:36 | 000,003,004 | ---- | C] () -- C:\Program Files\WebCakeLayers.crx
[2013/06/19 21:52:57 | 000,000,258 | RHS- | C] () -- C:\Users\Donna\ntuser.pol
[2010/02/19 21:32:22 | 000,000,110 | ---- | C] () -- C:\Users\Donna\webct_upload_applet.properties
[2010/02/04 12:19:22 | 000,000,000 | ---- | C] () -- C:\Users\Donna\AppData\Roaming\wklnhst.dat

========== ZeroAccess Check ==========

[2009/07/13 22:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 19:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010/01/29 22:28:39 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Acer
[2013/09/29 20:48:23 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Betcat
[2014/03/01 17:11:11 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\DigitalSite
[2013/11/13 00:03:26 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\eSobi
[2010/01/29 22:28:37 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Leadertech
[2010/01/30 17:40:45 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\OpenOffice.org
[2014/03/01 18:00:25 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\QuickScan
[2013/09/29 18:25:08 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\TuneUp Software
[2010/11/27 17:46:26 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



< End of report >


OTL Extras logfile created on: 3/1/2014 9:01:16 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Donna\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16798)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.95 Mb Total Physical Memory | 157.44 Mb Available Physical Memory | 15.53% Memory free
1.99 Gb Paging File | 0.43 Gb Available in Paging File | 21.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.95 Gb Total Space | 109.14 Gb Free Space | 79.70% Space Free | Partition Type: NTFS

Computer Name: DONNA-PC | User Name: Donna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3A2CFB1E-E498-49E5-BE99-6E50088A75E2}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{48390D52-6DF4-473A-8020-DB3B9F372103}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BE4BD0E8-3AB4-401C-9436-7C3CBD7981AC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D496D81B-3C1C-4A9F-81EB-31D51EDD1209}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06CA124B-658D-4FDA-8285-8B5B5806FB38}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0766CE88-A405-4195-9A22-F6FAEB559133}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0AD1A06C-C79F-4F8D-8849-0A0E87B4F160}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{1A2EAC42-3160-4DCE-A2FC-6F9DD36F9373}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{20E45120-C292-496D-BD05-4A52DF136D74}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{355EC600-780E-46AB-AC5E-4FA7B845BF71}" = dir=in | app=c:\program files\acer\acer vcm\rs_service.exe |
"{4ABAD0D8-5B6A-4E3E-91A0-F7DAD2D55A90}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe |
"{52BF855D-D9C5-4546-877F-C93C542A6A50}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{65D4CB0B-8A6B-439F-9BD5-AAE47DE8098B}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe |
"{6A1541D1-1051-4DEC-9F75-E34ABEE811F8}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{76E3F87E-037D-4A9E-9EA0-97702F14CB60}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgemcx.exe |
"{7B629C8D-DDEE-45D4-B9F7-BC24DE6F3C02}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe |
"{7D69A179-A937-465B-B3BA-15644AC25C2C}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgemcx.exe |
"{976E2A20-04A4-488D-9656-9F1511523EDD}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{98CBA006-FF69-4AAD-A6AA-7C16F25003C1}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{A811003E-30D6-486C-8319-23645AB3D78F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{AD421E93-AF61-4B86-A4E0-A2659D9306ED}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{B4B8FA3B-F6D7-45DB-A1C2-476E0B7A31A2}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{BF8371E8-1D4A-49EF-9FBD-8AE5C6F6F1A1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E4C2EF61-4646-4A09-AD30-E332B80A9540}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{EC9BCA18-0BA3-47E6-8C90-B6B4FEC519C6}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83216018F0}" = Java™ 6 Update 18
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}" = OpenOffice 4.0.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1" = Panda Cloud Cleaner
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.81.402
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Acer Assist" = Acer Assist
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"AVG Secure Search" = AVG Security Toolbar
"BitDefender Gonzales" = Bitdefender Antivirus Free Edition
"Debut" = Debut Video Capture Software
"HDMI" = Intel® Graphics Media Accelerator Driver
"Identity Card" = Identity Card
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 27.0.1 (x86 en-US)" = Mozilla Firefox 27.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"RealPlayer 12.0" = RealPlayer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/12/2013 9:24:06 PM | Computer Name = Donna-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 11/12/2013 9:24:09 PM | Computer Name = Donna-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 11/12/2013 9:24:12 PM | Computer Name = Donna-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 11/12/2013 9:24:15 PM | Computer Name = Donna-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 11/12/2013 9:24:17 PM | Computer Name = Donna-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 11/12/2013 9:24:19 PM | Computer Name = Donna-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 11/12/2013 9:24:21 PM | Computer Name = Donna-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 11/12/2013 9:24:23 PM | Computer Name = Donna-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 11/12/2013 9:24:24 PM | Computer Name = Donna-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 11/12/2013 10:49:24 PM | Computer Name = Donna-PC | Source = VSS | ID = 8194
Description =

[ System Events ]
Error - 10/4/2013 1:01:28 PM | Computer Name = Donna-PC | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 11/12/2013 8:10:46 PM | Computer Name = Donna-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:02:13 AM on ?10/?8/?2013 was unexpected.

Error - 11/12/2013 8:11:06 PM | Computer Name = Donna-PC | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 11/12/2013 8:16:15 PM | Computer Name = Donna-PC | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 11/12/2013 8:18:40 PM | Computer Name = Donna-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Google
Update Service (gupdate1cc8c626fe63048) service to connect.

Error - 11/12/2013 8:18:40 PM | Computer Name = Donna-PC | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate1cc8c626fe63048) service failed
to start due to the following error: %%1053

Error - 11/12/2013 9:21:17 PM | Computer Name = Donna-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.

Error - 11/12/2013 11:51:56 PM | Computer Name = Donna-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the avgwd service.

Error - 11/12/2013 11:53:42 PM | Computer Name = Donna-PC | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2

Error - 11/13/2013 2:36:14 AM | Computer Name = Donna-PC | Source = Service Control Manager | ID = 7000
Description = The McAfee SiteAdvisor Service service failed to start due to the
following error: %%2


< End of report >
  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Hi! Nanee5_08. My name is zep516 and Welcome to Geeks to go!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)

You have a bit of adware.



First

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
  • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner

Next
Posted Image Please download Junkware Removal Tool to your Desktop.

Please close your security software to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete, depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
Please post the contents of JRT.txt into your reply.


In your next reply to me:

  • Post the AdwCleaner[S0].txt
  • Post the JRT.txt log


Thanks
Joe :)
  • 0

#3
Nanee5_08

Nanee5_08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Here is the first one..


# AdwCleaner v3.020 - Report created 03/03/2014 at 10:22:43
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Donna - DONNA-PC
# Running from : C:\Users\Donna\AppData\Local\Temp\Temp1_22d87ad2c65e2c98d778227b738ff48f_adwcleaner.zip\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater17.3.0

***** [ Files / Folders ] *****

[/!\] Not Deleted ( Junction ) : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\NCH Software
Folder Deleted : C:\Program Files\sweetpacks bundle uninstaller
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Donna\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Donna\AppData\Local\AVG Security Toolbar
Folder Deleted : C:\Users\Donna\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Donna\AppData\Roaming\Betcat
Folder Deleted : C:\Users\Donna\AppData\Roaming\digitalsite
Folder Deleted : C:\Users\Donna\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\3a22vja7.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
File Deleted : C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\3a22vja7.default\Extensions\[email protected]
File Deleted : C:\Program Files\WebCakeLayers.crx
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\3a22vja7.default\searchplugins\search-here.xml
File Deleted : C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\3a22vja7.default\user.js
File Deleted : C:\Windows\Tasks\digitalsite.job
File Deleted : C:\Windows\System32\Tasks\digitalsite

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95829C9D-CE10-4743-86F2-21F0BF046E53}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95829C9D-CE10-4743-86F2-21F0BF046E53}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\NCH Software
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\NCH Software
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16798


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\3a22vja7.default\prefs.js ]

Line Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\17.0.0.9");
Line Deleted : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.com|google\\.\\w+|yahoo\\.\\w+|gmail\\.\\w+|hotmail\\.\\w+|live\\.\\w+|isearch\\.avg\\.com|mysearch\\.avg\\.com");
Line Deleted : user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{CAFEEFAC-0016-0000-0018[...]
Line Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid={2553E6E4-7A2F-4EA1-9628-599C11B0016D}&mid=c33a394f18921f48e7b8c6059c8d619c-bef75d8b822e6005aedb7384e9a5767a39e57b01&lang=us&ds=AVG&pr=fr&d=[...]

-\\ Google Chrome v

[ File : C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8952 octets] - [03/03/2014 10:11:47]
AdwCleaner[S0].txt - [9148 octets] - [03/03/2014 10:22:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9208 octets] ##########
  • 0

#4
Nanee5_08

Nanee5_08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Here is the second one...


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x86
Ran by Donna on Mon 03/03/2014 at 10:55:22.49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{34A0FC6D-9B4A-4550-B1DB-E0F41C49EDE4}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Donna\appdata\local\{13257BB0-B797-4031-AD11-E59A2A6814C0}
Successfully deleted: [Empty Folder] C:\Users\Donna\appdata\local\{D3CB01E7-7ECE-4127-940B-D84B6DE40288}



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Donna\AppData\Roaming\mozilla\firefox\profiles\3a22vja7.default\extensions\[email protected]
Successfully deleted the following from C:\Users\Donna\AppData\Roaming\mozilla\firefox\profiles\3a22vja7.default\prefs.js

user_pref("extensions.defaulttab.installdate", 1362185303);
user_pref("extensions.defaulttab.lastNetSeerDownload", 1393721308);
user_pref("extensions.defaulttab.useNewTabWhiteList", false);



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 03/03/2014 at 11:04:27.57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#5
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Hi Nanee5_08,

Next

Lets remove all of those programs listed below. "If" found.
==> Click > Start > Control Panel > Programs & Features.

  • Java™ 6 Update 26
  • Java™ 6 Update 18
  • AVG Security Toolbar

Old versions of Java are a infection risk!


Next

We need to do a "fix" to delete some files using OTL

  • Double click on the Posted Image to open the program. On Vista/Win7/Win8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :COMMANDS
    [CREATERESTOREPOINT]
    
    :OTL
    SRV - File not found [Auto | Stopped] -- c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe -- (McAfee SiteAdvisor Service)
    SRV - File not found [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
    SRV - [2014/03/01 11:42:27 | 001,771,544 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe -- (vToolbarUpdater17.3.0)
    DRV - [2013/11/12 18:11:58 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
    IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
    IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
    IE - HKCU\..\SearchScopes\{34A0FC6D-9B4A-4550-B1DB-E0F41C49EDE4}: "URL" = http://www.mysearchr...q={searchTerms}
    IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2013-06-18 21:43:37&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
    FF - prefs.js..extensions.enabledAddons: chachaguidebar%40chacha.com:1.2
    FF - prefs.js..extensions.enabledAddons: avg%40toolbar:17.0.0.9
    FF - prefs.js..extensions.enabledItems: [email protected]:1.2
    FF - prefs.js..extensions.enabledItems: [email protected]:15.3.0.11
    FF - prefs.js..extensions.enabledItems: [email protected]:1.00.01
    FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid={2553E6E4-7A2F-4EA1-9628-599C11B0016D}&mid=c33a394f18921f48e7b8c6059c8d619c-bef75d8b822e6005aedb7384e9a5767a39e57b01&lang=us&ds=AVG&pr=fr&d=2013-06-18 21:43:37&pid=avg&sg=0&v=15.3.0.11&sap=ku&q="
    FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\FireFoxExt\17.0.0.9 [2013/09/29 17:40:08 | 000,000,000 | ---D | M]
    [2011/04/24 17:36:53 | 000,000,000 | ---D | M] (ChaCha Guide App Toolbar) -- C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\3a22vja7.default\extensions\[email protected]
    [2013/09/29 17:40:08 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\17.0.0.9
    O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll (AVG Secure Search)
    O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll (AVG Secure Search)
    O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
    O13 - gopher Prefix: missing
    O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
    [2013/09/29 18:40:36 | 000,003,004 | ---- | C] () -- C:\Program Files\WebCakeLayers.crx
    
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [emptytemp]
    [resethosts]
    
  • Make sure all other windows are closed.
  • Click the Run Fix button at the top
  • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
  • Post the log that is found in C:\_OTL\Moved Files in your next reply.
  • Open OTL again and click the Quick Scan button.

In your next reply post:

  • The OTL Fix Log located here--->C:\_OTL\Moved Files
  • The OTL Log after Quick scan.

Thanks
Joe :)

How is the computer now?
  • 0

#6
Nanee5_08

Nanee5_08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Here you go:

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Service McAfee SiteAdvisor Service stopped successfully!
Service McAfee SiteAdvisor Service deleted successfully!
File c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe not found.
Service AVG Security Toolbar Service stopped successfully!
Service AVG Security Toolbar Service deleted successfully!
File C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe not found.
Error: No service named vToolbarUpdater17.3.0 was found to stop!
Service\Driver key vToolbarUpdater17.3.0 not found.
File C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe not found.
Service avgtp stopped successfully!
Service avgtp deleted successfully!
C:\Windows\System32\drivers\avgtpx86.sys moved successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{34A0FC6D-9B4A-4550-B1DB-E0F41C49EDE4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{34A0FC6D-9B4A-4550-B1DB-E0F41C49EDE4}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Prefs.js: chachaguidebar%40chacha.com:1.2 removed from extensions.enabledAddons
Prefs.js: avg%40toolbar:17.0.0.9 removed from extensions.enabledAddons
Prefs.js: [email protected]:1.2 removed from extensions.enabledItems
Prefs.js: [email protected]:15.3.0.11 removed from extensions.enabledItems
Prefs.js: [email protected]:1.00.01 removed from extensions.enabledItems
Prefs.js: "http://isearch.avg.c...fr&d=2013-06-18 21:43:37&pid=avg&sg=0&v=15.3.0.11&sap=ku&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin\ not found.
File C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/JavaPlugin\ not found.
File C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected] not found.
File C:\ProgramData\AVG Secure Search\FireFoxExt\17.0.0.9 not found.
Folder C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\3a22vja7.default\extensions\[email protected]\ not found.
Folder C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\17.0.0.9\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
File C:\Program Files\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
File C:\Program Files\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\vProt not found.
File C:\Program Files\AVG Secure Search\vprot.exe not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
File C:\Program Files\WebCakeLayers.crx not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Donna\Desktop\cmd.bat deleted successfully.
C:\Users\Donna\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Donna
->Temp folder emptied: 229988855 bytes
->Temporary Internet Files folder emptied: 226220422 bytes
->Java cache emptied: 3703097 bytes
->FireFox cache emptied: 127695536 bytes
->Google Chrome cache emptied: 117046152 bytes
->Flash cache emptied: 45047 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 114114422 bytes
RecycleBin emptied: 1576 bytes

Total Files Cleaned = 781.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 03032014_153038

Files\Folders moved on Reboot...
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\alert_margin_left.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\alert_margin_left.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\alert_margin_right.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\alert_margin_right.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\alert_middle.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\alert_middle.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\award.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\award.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\back.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\back.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\background.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\background.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\background_award_flow.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\background_award_flow.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\background_install_steps.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\background_install_steps.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\background_tall.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\background_tall.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\background_uninstall.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\background_uninstall.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\bd_logo.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\bd_logo.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\bg.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\bg.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\bg_AlertWindow.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\bg_AlertWindow.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\bg_header_image.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\bg_header_image.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\bg_number_events.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\bg_number_events.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\bg_number_events_active.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\bg_number_events_active.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\bg_number_events_hover.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\bg_number_events_hover.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\big_picture.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\big_picture.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\big_shadow.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\big_shadow.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\btn_combo.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\btn_combo.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\btn_combo_active.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\btn_combo_active.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\btn_combo_disabled.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\btn_combo_disabled.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\btn_combo_hover.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\btn_combo_hover.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\button.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\button.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\button_active.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\button_active.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\button_disabled.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\button_disabled.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\button_hover.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\button_hover.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\checkbox_off.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\checkbox_off.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\checkbox_off_disabled.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\checkbox_off_disabled.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\checkbox_off_hover.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\checkbox_off_hover.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\checkbox_on.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\checkbox_on.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\checkbox_on_disabled.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\checkbox_on_disabled.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\checkbox_on_hover.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\checkbox_on_hover.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\close.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\close.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\delete_normal.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\delete_normal.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\details_button.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\details_button.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\feedback_banner.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\feedback_banner.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\flow_background.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\flow_background.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_alert.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_alert.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_critical.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_critical.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_critical_big.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_critical_big.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_done.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_done.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_done_big.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_done_big.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_informative.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_informative.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_notok.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_notok.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_ok.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_ok.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_sb.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_sb.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_skipped.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\icon_skipped.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\input_bg.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\input_bg.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\install_big_button.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\install_big_button.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\install_big_button_hover.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\install_big_button_hover.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\install_button.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\install_button.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\install_button_hover.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\install_button_hover.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\loader_install.gif scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\loader_install.gif.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\lock_normal.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\lock_normal.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\minimize.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\minimize.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\open_normal.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\open_normal.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\pending.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\pending.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\products_chart.jpg scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\products_chart.jpg.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\progress_bar_not_ok.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\progress_bar_not_ok.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\progress_bar_ok.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\progress_bar_ok.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\progress_bg.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\progress_bg.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\qs_scan_log.xsl scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\qs_scan_log.xsl.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\scroll_next.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\scroll_next.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\scroll_prev.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\scroll_prev.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\share_fb.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\share_fb.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\share_go.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\share_go.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\share_line.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\share_line.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\share_tabel.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\share_tabel.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\share_top_text.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\share_top_text.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\share_tw.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\share_tw.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\small_shadow.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\small_shadow.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\sswitch_off.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\sswitch_off.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\sswitch_on.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\sswitch_on.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\status_bg.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\status_bg.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\sys_btn.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\sys_btn.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\sys_btn_active.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\sys_btn_active.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\sys_btn_hover.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\sys_btn_hover.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_feedback.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_feedback.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_feedback_hover.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_feedback_hover.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_left.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_left.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_left_hover.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_left_hover.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_right.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_right.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_right_hover.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_right_hover.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\top_header_bg.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\top_header_bg.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\unlock_normal.png scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\images\unlock_normal.png.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\award_flow1.html scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\award_flow1.html.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\award_flow2.html scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\award_flow2.html.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\bdHtmlBox.html scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\bdHtmlBox.html.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\cpptexts.xlf scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\cpptexts.xlf.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\en-US.exe scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\en-US.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\eula.html scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\eula.html.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\eula_text.html scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\eula_text.html.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\eula_text_en.html scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\eula_text_en.html.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\general.xlf scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\general.xlf.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\httpaph.html scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\httpaph.html.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\httpgeneric.html scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\httpgeneric.html.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\httpmalware.html scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\httpmalware.html.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\installer.xlf scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\installer.xlf.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\it-IT.exe scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\it-IT.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\lang.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\lang.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\lang.xml.online scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\lang.xml.online.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\logs.xlf scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\logs.xlf.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\main.ui.css scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\main.ui.css.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\notifications.xlf scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\notifications.xlf.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\pt-BR.exe scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\pt-BR.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\rem_confirm.html scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\rem_confirm.html.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\rem_confirm_p.html scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\rem_confirm_p.html.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\repair_progress.html scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\repair_progress.html.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\ro-RO.exe scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\ro-RO.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\setup_progress.html scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\setup_progress.html.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\uninstall_progress.html scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\uninstall_progress.html.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\welcome.html scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\lang\welcome.html.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\ACA.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Ad-Aware.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Advanced_System_Protect.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\alading.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\AntiVir.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\avast5.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\AVG.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Avira.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\BackWeb-4476822.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\BBC.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Bitdefender 2011.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Bitdefender Anti-Theft.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Bitdefender Antivirus.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Bitdefender Bussiness Client.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Bitdefender Internet Security.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Bitdefender Total Security.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\BullGuard.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\cciss.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\COMODO.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\DRWEB.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\ESET.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\eTrust.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\F-Secure.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\G Data.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\GUIDs.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\JiangMin.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Kaspersky.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Kingsoft.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\kingsoftSafeguard.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\kv antivirus.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Lavasoft.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\McAfee.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\MicroPoint.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Microsoft Security Essentials.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Mobile.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\MSC.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Norman.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Norton.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\OfficeScan95.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\OfficeScanNT.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Panda.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\PC Tools.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Premium.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\qqpcmgr.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\qqprotect.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Rav.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\RFW.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Ris.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\safeguard360.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\ServerProtect.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\SunBelt.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Trend Micro.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\VETWIN32Vp5.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Virus.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\Webroot.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\WinSS.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\extern\ZoneAlarm.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\core\bdcore.dll scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\core\bdcore.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\additional.dll scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\additional.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\avcheck.exe scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\avcheck.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\bdardrv.dll scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\bdardrv.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\bdmetrics.dll scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\bdmetrics.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\bdnc.dll scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\bdnc.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\bdnc.ini scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\bdnc.ini.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\bdnc.ipv4 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\bdselfpr.sys scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\bdselfpr.sys.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\contacts.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\contacts.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\detection.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\gzflt.sys scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\gzflt.sys.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\gzfltum.dll scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\gzfltum.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\htmlayout.dll scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\htmlayout.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\Installer.exe scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\Installer.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\installerpackage.exe scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\installerpackage.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\install_x64.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\install_x64.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\install_x86.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\install_x86.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\no_connection.html scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\no_connection.html.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\npcomm.dll scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\npcomm.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\pluginsx86.exe scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\pluginsx86.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\qs_scan_log.html scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\qs_scan_log.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\qs_scan_log.xsl scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\qs_scan_log.xsl.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\servers.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\servers.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\setuplauncher.exe scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\setuplauncher.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\standalone.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\standalone.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\ThreatScanner.exe scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\ThreatScanner.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\trufos.dll scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\trufos.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\trufos.sys scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\trufos.sys.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\unrar.dll scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\unrar.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\update.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\update.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\update_config.xml scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\update_config.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\UserGuide.pdf scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\UserGuide.pdf.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\WPFKickstarter.exe scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\WPFKickstarter.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\WPFKickstarter4.exe scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\WPFKickstarter4.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\wslib.dll scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\wslib.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\wspack.dll scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\wspack.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\wsutils.dll scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\RarSFX0\wsutils.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Users\Donna\AppData\Local\Temp\gziface1.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...




And...


OTL logfile created on: 3/3/2014 3:42:03 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Donna\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16798)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.95 Mb Total Physical Memory | 265.34 Mb Available Physical Memory | 26.17% Memory free
1.99 Gb Paging File | 0.93 Gb Available in Paging File | 46.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.95 Gb Total Space | 111.75 Gb Free Space | 81.60% Space Free | Partition Type: NTFS

Computer Name: DONNA-PC | User Name: Donna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/03/01 20:42:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Donna\Desktop\OTL.exe
PRC - [2013/10/23 18:24:33 | 001,133,864 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Antivirus Free Edition\update.exe
PRC - [2013/10/23 18:24:25 | 000,235,728 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
PRC - [2013/10/23 18:24:25 | 000,057,520 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
PRC - [2013/08/01 18:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013/06/24 20:58:43 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/09/30 16:47:36 | 000,703,008 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
PRC - [2009/09/30 16:47:14 | 000,727,584 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
PRC - [2009/09/30 16:46:28 | 000,469,536 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
PRC - [2009/09/10 07:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009/08/28 03:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Registration\GregHSRW.exe
PRC - [2009/08/18 03:42:08 | 001,157,128 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2009/07/10 04:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2009/07/03 20:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/06/04 21:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe


========== Modules (No Company Name) ==========

MOD - [2014/03/01 16:04:00 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d116eda30a35c490e59221b0ebac6fcd\System.Xaml.ni.dll
MOD - [2014/03/01 15:18:45 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\880358291baf3043e07b2a7c2f401c85\PresentationFramework.ni.dll
MOD - [2014/03/01 15:17:32 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\db591e35967527b7b864124303dea13a\PresentationCore.ni.dll
MOD - [2014/03/01 15:17:14 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\4bfb0decf7cfe076020f64ee6dd007cc\PresentationFramework.Aero.ni.dll
MOD - [2014/03/01 15:16:47 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\2781e84862746a34f026d0ee179eed2b\System.Windows.Forms.ni.dll
MOD - [2014/03/01 15:16:17 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dc74ab189aa9b156581a7228866d3330\WindowsBase.ni.dll
MOD - [2014/03/01 15:15:31 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\243ff1822abc8282cb8fee37538170b4\System.Drawing.ni.dll
MOD - [2014/03/01 15:13:48 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\850fa7110c7423c324762c1ad3130219\System.Xml.ni.dll
MOD - [2014/03/01 15:13:12 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\4c906eb82e6f56aea01b2a7291fab7ea\System.ni.dll
MOD - [2014/03/01 15:12:44 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\4e62d1d9b7dd2c2d14915abb73c22d50\mscorlib.ni.dll
MOD - [2013/03/19 12:07:15 | 000,508,136 | ---- | M] () -- C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll


========== Services (SafeList) ==========

SRV - [2014/03/01 18:55:22 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/03/01 16:51:44 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/23 18:24:25 | 000,057,520 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe -- (gzserv)
SRV - [2013/05/26 22:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2010/05/20 00:02:18 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/09/30 16:47:14 | 000,727,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009/09/10 07:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/08/28 03:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/07/13 19:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/10 04:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009/07/03 20:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - [2013/07/16 15:06:06 | 000,135,472 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys -- (bdselfpr)
DRV - [2013/07/02 14:03:59 | 000,108,008 | ---- | M] (Bitdefender SRL) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys -- (bdfwfpf)
DRV - [2013/05/28 12:11:21 | 000,355,744 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\trufos.sys -- (trufos)
DRV - [2013/04/22 13:20:34 | 000,164,952 | ---- | M] (BitDefender LLC) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\gzflt.sys -- (gzflt)
DRV - [2013/04/17 14:59:04 | 000,633,344 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avc3.sys -- (avc3)
DRV - [2013/04/17 14:59:04 | 000,486,536 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\avckf.sys -- (avckf)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/11/20 04:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2009/09/20 20:58:28 | 001,218,048 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/27 01:06:44 | 000,051,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2009/06/23 20:59:10 | 000,167,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/06/02 05:15:40 | 000,060,976 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2009/06/02 05:15:38 | 000,016,432 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2009/06/02 05:15:34 | 000,018,992 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...04wwl5w4942r24o
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 31 9B E9 C5 5F AF CB 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...&rlz=1I7ACAW_en
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...TDF&PC=WLEM&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledAddons:
FF - prefs.js..extensions.enabledAddons:
FF - prefs.js..extensions.enabledAddons: addon%40defaulttab.com:2.3.2
FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:3.2.0.20140128092014
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Donna\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Donna\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/03/01 16:51:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/03/01 16:51:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/03/01 16:51:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/03/01 16:51:24 | 000,000,000 | ---D | M]

[2010/01/28 23:43:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donna\AppData\Roaming\Mozilla\Extensions
[2014/03/03 11:02:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\3a22vja7.default\extensions
[2010/12/02 19:28:43 | 000,001,832 | ---- | M] () -- C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\3a22vja7.default\searchplugins\bing.xml
[2014/03/03 15:10:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/03/01 16:51:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/03/01 16:51:48 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/03/01 16:51:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2014/03/01 16:51:21 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
File not found (No name found) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\17.0.0.9
File not found (No name found) -- C:\USERS\DONNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3A22VJA7.DEFAULT\EXTENSIONS\{635ABD67-4FE9-1B23-4F01-E679FA7484C1}
File not found (No name found) -- C:\USERS\DONNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3A22VJA7.DEFAULT\EXTENSIONS\[email protected]
File not found (No name found) -- C:\USERS\DONNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3A22VJA7.DEFAULT\EXTENSIONS\[email protected]
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://my.yahoo.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Donna\AppData\Local\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Donna\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Donna\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.1\\npsitesafety.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Tibi = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahfnihbbceiilhalikfkonbipolponko\2_0\
CHR - Extension: ChaCha Guide Application extension = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebelbcbfjbbogojkmekbhaigjbceojff\28_0\
CHR - Extension: Google Wallet = C:\Users\Donna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\

O1 HOSTS File: ([2014/03/03 15:33:30 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E416102B-D8CB-4A47-B667-2EA56E8E419B}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/03/03 15:44:59 | 000,242,504 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avchv.sys.upd
[2014/03/03 15:30:38 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/03/03 10:55:15 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/03/03 10:43:24 | 001,037,734 | ---- | C] (Thisisu) -- C:\Users\Donna\Desktop\JRT.exe
[2014/03/03 10:11:35 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/03/03 10:05:30 | 000,000,000 | ---D | C] -- C:\Users\Donna\Desktop\AdwCleaner_TSV156RIH
[2014/03/03 09:57:03 | 000,681,304 | ---- | C] (ClientConnect) -- C:\Users\Donna\Desktop\AdwCleaner_TSV156RIH.exe
[2014/03/01 20:42:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Donna\Desktop\OTL.exe
[2014/03/01 18:54:11 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Local\Adobe
[2014/03/01 18:12:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
[2014/03/01 18:12:02 | 000,633,344 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avc3.sys
[2014/03/01 18:12:02 | 000,486,536 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avckf.sys
[2014/03/01 17:59:55 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2014/03/01 17:59:51 | 000,164,952 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\gzflt.sys
[2014/03/01 17:59:48 | 000,355,744 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys
[2014/03/01 17:59:27 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\QuickScan
[2014/03/01 16:51:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/03/01 16:36:35 | 000,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Malwarebytes
[2014/03/01 16:36:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/03/01 16:36:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/03/01 16:36:01 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/03/01 16:36:01 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014/03/01 16:14:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/03/01 16:14:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service

========== Files - Modified Within 30 Days ==========

[2014/03/03 15:44:59 | 000,242,504 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\avchv.sys.upd
[2014/03/03 15:43:17 | 000,015,376 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/03 15:43:17 | 000,015,376 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/03 15:42:33 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1834033059-1348628536-3071649529-1000UA.job
[2014/03/03 15:37:07 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/03 15:35:48 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/03 15:34:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/03 15:34:46 | 797,396,992 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/03 15:33:30 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2014/03/03 15:26:05 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/03 14:50:40 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1834033059-1348628536-3071649529-1000Core.job
[2014/03/03 10:43:29 | 001,037,734 | ---- | M] (Thisisu) -- C:\Users\Donna\Desktop\JRT.exe
[2014/03/03 10:33:57 | 000,624,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/03/03 10:33:57 | 000,106,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/03/03 10:27:18 | 000,359,960 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/03/03 09:57:06 | 000,681,304 | ---- | M] (ClientConnect) -- C:\Users\Donna\Desktop\AdwCleaner_TSV156RIH.exe
[2014/03/01 20:42:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Donna\Desktop\OTL.exe
[2014/03/01 18:26:32 | 000,002,842 | ---- | M] () -- C:\Windows\System32\lic2.xml21886
[2014/03/01 18:13:01 | 001,580,165 | ---- | M] () -- C:\ProgramData\1393718368.bdinstall.bin
[2014/03/01 18:12:28 | 000,002,140 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
[2014/03/01 18:12:02 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\avchv.sys
[2014/03/01 16:36:06 | 000,001,035 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/01 16:31:45 | 000,000,126 | ---- | M] () -- C:\Windows\wininit.ini
[2014/03/01 16:14:58 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/03/01 15:17:09 | 000,002,336 | ---- | M] () -- C:\Users\Donna\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/03/01 15:17:05 | 000,002,334 | ---- | M] () -- C:\Users\Donna\Desktop\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2014/03/01 18:30:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\avchv.sys
[2014/03/01 18:14:16 | 000,002,842 | ---- | C] () -- C:\Windows\System32\lic2.xml21886
[2014/03/01 18:13:00 | 001,580,165 | ---- | C] () -- C:\ProgramData\1393718368.bdinstall.bin
[2014/03/01 18:12:28 | 000,002,140 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
[2014/03/01 16:36:06 | 000,001,035 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/01 16:31:45 | 000,000,126 | ---- | C] () -- C:\Windows\wininit.ini
[2014/03/01 16:14:57 | 000,001,085 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/03/01 16:14:57 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/11/12 21:32:01 | 000,007,605 | ---- | C] () -- C:\Users\Donna\AppData\Local\Resmon.ResmonCfg
[2013/06/19 21:52:57 | 000,000,258 | RHS- | C] () -- C:\Users\Donna\ntuser.pol
[2010/02/19 21:32:22 | 000,000,110 | ---- | C] () -- C:\Users\Donna\webct_upload_applet.properties
[2010/02/04 12:19:22 | 000,000,000 | ---- | C] () -- C:\Users\Donna\AppData\Roaming\wklnhst.dat

========== ZeroAccess Check ==========

[2009/07/13 22:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 19:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010/01/29 22:28:39 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Acer
[2013/11/13 00:03:26 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\eSobi
[2010/01/29 22:28:37 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Leadertech
[2010/01/30 17:40:45 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\OpenOffice.org
[2014/03/01 18:00:25 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\QuickScan
[2013/09/29 18:25:08 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\TuneUp Software
[2010/11/27 17:46:26 | 000,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



< End of report >
  • 0

#7
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Thank you :)

I'll review your logs.

What issues remain?

Thanks
Joe :)
  • 0

#8
Nanee5_08

Nanee5_08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
It seems to be doing pretty good, except for videos on youtube. They seem a bit choppy, but I wasn't sure if my processor just can't push them, or if it is the flash plugin or what. I think they are all up to date. Thanks for your help, btw. It us muchly appreciated. :)
  • 0

#9
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Hi,

"Adding" more ram (Memory) may be very beneficial to you...

1013.95 Mb Total Physical Memory | 157.44 Mb Available Physical Memory | 15.53% Memory free


That's 1 Gig of ram (Memory) you have installed. I would strongly consider adding 1 more Gig to bring the Total Physical Memory up to 2 Gig.
Adding More Memory or RAM Is The Most Cost Effective Upgrade To Increase Performance of your computer.

You can scan for Ram Here It will tell what you need and what kind you need...

Next

Lets run 2 additional scans to double check for Malware / adware, I see you already have Malwarebytes installed so:

Open Malwarebytes and Run a quick scan with Malwarebytes

• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

Next

ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

  • Please go >>HERE<< then click on: Posted Image

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the Posted Image icon to install.

    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic.
  • Now click on: Posted Image
    (Selecting Uninstall application on close if you so wish)

Last

Download Security Check by screen317 from Here or Here
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.


In your next reply to me post:

  • Malwarebytes log.
  • ESET Scan Results Log.
  • checkup.txt

Thanks
Joe :)
  • 0

#10
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Hi Nanee5_08,

Are you still with us ?

Thanks
Joe
  • 0

Advertisements


#11
Nanee5_08

Nanee5_08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
LOL yes, sorry...have been busy, but will get on those other things tomorrow after church. Thanks for checking on me!
  • 0

#12
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
I figured you were busy. Have a nice Church day, and I'll catch up tomorrow.

Thanks
Joe :)
  • 0

#13
Nanee5_08

Nanee5_08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.03.09.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16798
Donna :: DONNA-PC [administrator]

Protection: Enabled

3/9/2014 2:09:31 PM
mbam-log-2014-03-09 (14-09-31).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 225775
Time elapsed: 16 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Donna\Desktop\AdwCleaner_TSV156RIH.exe (PUP.Optional.Conduit) -> Quarantined and deleted successfully.

(end)
  • 0

#14
Nanee5_08

Nanee5_08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Well, crap. I did the ESET scan, and it didn't find anything, but I hit delete and finish before copying the log. No harm, no foul I guess.
  • 0

#15
Nanee5_08

Nanee5_08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
And here is the last...

Results of screen317's Security Check version 0.99.80
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Bitdefender Antivirus Free Edition
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Panda Cloud Cleaner
Java version out of Date!
Adobe Flash Player 12.0.0.70
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (27.0.1)
Google Chrome 33.0.1750.117
Google Chrome 33.0.1750.146
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Bitdefender Antivirus Free Edition gzserv.exe
Bitdefender Antivirus Free Edition gziface.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 6%
````````````````````End of Log``````````````````````
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP