Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Helping a friend [Closed]

Started by Ses198668 , Jul 18 2014 10:48 PM

  • This topic is locked This topic is locked

#1
Ses198668
Posted 18 July 2014 - 10:48 PM

Ses198668

    New Member

  • Member
  • Pip
  • 5 posts

My friend's computer is basically a dinosaur and I am pretty sure it's loaded with all kinds of malware and she never had it protected with an anti-virus program that she can remember. I'm basically starting fresh. I deleted programs I knew she wouldn't need and I've removed things from the start up. I'm already getting the indications there are issues for ex. the about:blank redirect. I used your services years and years ago (which means you did awesome cause I haven't had trouble with it since!), however, I am now using an ipad and the differences with the two technically are outstanding and I'm having trouble only after a few hours! Can you help me diagnose the issues?

 

Thank you in advance! I really appreciate it!

 

 

 

OTL logfile created on: 7/19/2014 12:24:09 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Owner\My Documents\My Pictures
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1014.36 Mb Total Physical Memory | 173.28 Mb Available Physical Memory | 17.08% Memory free
2.38 Gb Paging File | 1.25 Gb Available in Paging File | 52.57% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 105.92 Gb Total Space | 75.48 Gb Free Space | 71.26% Space Free | Partition Type: NTFS
 
Computer Name: CYNDY | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/19 00:11:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\My Pictures\OTL.exe
PRC - [2014/07/15 05:24:50 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/06/19 18:25:20 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2014/06/10 19:10:55 | 005,626,136 | ---- | M] (SUPERAntiSpyware) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2014/05/07 15:00:32 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2014/01/01 22:09:34 | 000,051,992 | ---- | M] (cake bake) -- C:\Program Files\Betcat\WBDesktop.Updater.1.0.0.17.exe
PRC - [2013/12/19 23:24:44 | 000,574,464 | ---- | M] () -- C:\Program Files\DefaultTab\DefaultTabSearch.exe
PRC - [2013/12/19 01:16:16 | 000,252,928 | ---- | M] () -- C:\Program Files\DefaultTab\DefaultTabHost.exe
PRC - [2013/06/22 16:30:28 | 034,220,352 | ---- | M] (SlimWare Utilities, Inc.) -- C:\Program Files\DriverUpdate\DriverUpdate.exe
PRC - [2013/05/23 16:11:42 | 000,119,056 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2013/03/21 14:24:12 | 000,222,368 | ---- | M] () -- C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe
PRC - [2012/10/18 09:27:06 | 004,386,816 | ---- | M] () -- C:\Program Files\OtShot\otshot.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/05/02 00:15:46 | 000,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 05:42:16 | 000,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/07/15 05:24:48 | 000,353,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppgooglenaclpluginchrome.dll
MOD - [2014/07/15 05:24:46 | 014,664,008 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
MOD - [2014/07/15 05:24:44 | 008,537,928 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll
MOD - [2014/07/15 05:24:35 | 001,732,936 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
MOD - [2014/02/10 13:44:24 | 004,592,128 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libGLESv2.dll
MOD - [2014/02/10 13:44:24 | 000,112,128 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libEGL.dll
MOD - [2013/12/26 22:42:11 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a9e71dda6389403be4db7b567592e3b8\System.ServiceProcess.ni.dll
MOD - [2013/12/26 22:30:57 | 007,867,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll
MOD - [2013/12/26 22:30:16 | 011,485,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll
MOD - [2013/12/26 22:29:06 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
MOD - [2013/12/19 23:24:44 | 000,574,464 | ---- | M] () -- C:\Program Files\DefaultTab\DefaultTabSearch.exe
MOD - [2013/12/19 01:16:16 | 000,252,928 | ---- | M] () -- C:\Program Files\DefaultTab\DefaultTabHost.exe
MOD - [2013/03/21 14:24:12 | 000,222,368 | ---- | M] () -- C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe
MOD - [2012/10/18 09:27:06 | 004,386,816 | ---- | M] () -- C:\Program Files\OtShot\otshot.exe
MOD - [2008/05/02 00:15:46 | 000,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
MOD - [2008/05/02 00:15:36 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 05:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Mobogenie\MgAssist.exe -- (MgAssistService)
SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2014/07/09 21:01:35 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/07 15:00:32 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2014/01/02 05:45:55 | 003,448,384 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Music Toolbar\Datamngr\DatamngrCoordinator.exe -- (DatamngrCoordinator)
SRV - [2014/01/01 22:09:34 | 000,051,992 | ---- | M] (cake bake) [Auto | Running] -- C:\Program Files\Betcat\WBDesktop.Updater.1.0.0.17.exe -- (WebCake Desktop Updater)
SRV - [2013/12/19 23:24:44 | 000,574,464 | ---- | M] () [Auto | Running] -- C:\Program Files\DefaultTab\DefaultTabSearch.exe -- (DefaultTabSearch)
SRV - [2013/05/23 16:11:42 | 000,119,056 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2013/03/21 14:24:12 | 000,222,368 | ---- | M] () [Auto | Running] -- C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe -- (Updater Service for AMZN)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\HSF_DPV.sys -- (HSF_DPV)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2014/07/18 23:33:42 | 000,013,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/06/16 14:25:59 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\iastor78.sys -- (iastor78)
DRV - [2008/09/10 14:39:08 | 000,176,640 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2008/06/05 20:21:52 | 000,146,944 | R--- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV)
DRV - [2007/10/09 13:17:42 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007/03/08 07:33:56 | 000,625,664 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2007/02/24 14:42:00 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 17:03:00 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/01/23 16:40:00 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/10/30 10:57:34 | 000,037,296 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btusbflt.sys -- (btusbflt)
 
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...=1270154652&ir=
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}: "URL" = http://dts.search.as...q={searchTerms}
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\.DEFAULT\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {9BE0144F-E66E-48E4-B6E8-CB12BEF7B3EA}
IE - HKU\.DEFAULT\..\SearchScopes\{9BE0144F-E66E-48E4-B6E8-CB12BEF7B3EA}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-18\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {9BE0144F-E66E-48E4-B6E8-CB12BEF7B3EA}
IE - HKU\S-1-5-18\..\SearchScopes\{9BE0144F-E66E-48E4-B6E8-CB12BEF7B3EA}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 07 93 7F F4 2C 29 CF 01  [binary data]
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\SearchScopes,DefaultScope = {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\SearchScopes\{3E6C2E15-D27B-4266-8DBA-9450DBC9960A}: "URL" = http://delicious.com...p={searchTerms}
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\SearchScopes\{74CAE867-6859-492E-B0E7-840453C13D4B}: "URL" = http://rover.ebay.co...e={searchTerms}
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\SearchScopes\{7742BC16-BAAC-4D93-AC46-9DA6878224C6}: "URL" = http://search.condui...2867470268&UM=2
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://search.yahoo....f-8&fr=chr-yie8
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}: "URL" = http://dts.search.as...q={searchTerms}
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\SearchScopes\{ACD2346F-4440-4FBC-9079-189E82FDCAFB}: "URL" = http://search.condui...q={searchTerms}
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}: "URL" = http://www.amazon.co...y={searchTerms}
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\SearchScopes\{CE4CF768-2746-4735-83DC-A523A4DF87BE}: "URL" = http://start.mysearc...=1270154652&ir=
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\SearchScopes\{D77B9FFC-E5BA-44C5-8D90-BCB0F4840426}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\SearchScopes\{D9ED903C-2D4B-45B8-88C9-4A474C840E46}: "URL" = http://www.flickr.co...q={searchTerms}
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Mysearchdial"
FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V31 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Amazon "
FF - prefs.js..browser.search.selectedEngine: "Amazon "
FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "http://www.amazon.co..._ff_sp_adppi14"
FF - prefs.js..extensions.enabledItems: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.6.5
FF - prefs.js..extensions.enabledItems: {465fcfbb-47a4-4866-a5d5-d12f9a77da00}:3.19.0.1
FF - prefs.js..extensions.enabledItems: {988919ff-0cd8-4d0c-bc7e-60d55a49eb64}:3.18.0.7
FF - prefs.js..extensions.enabledItems: {ad9a41d2-9a49-4fa6-a79e-71a0785364c8}:9.5.3
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.19
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
[2012/08/31 18:16:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2012/08/31 18:16:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2014/03/25 20:19:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\extensions
[2013/08/12 22:03:06 | 000,000,000 | ---D | M] (appbario12 Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\extensions\{465fcfbb-47a4-4866-a5d5-d12f9a77da00}
[2013/09/07 14:10:00 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2014/02/18 19:59:15 | 000,000,000 | ---D | M] (Value Apps) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\extensions\{94cd2cc3-083f-49ba-a218-4cda4b4829fd}
[2013/07/05 21:10:57 | 000,000,000 | ---D | M] (MixiDJ V31 Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\extensions\{988919ff-0cd8-4d0c-bc7e-60d55a49eb64}
[2013/05/30 19:23:45 | 000,000,000 | ---D | M] (KeyBar 1.8 Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\extensions\{9ed31f84-c8b3-4926-b950-dff74047ff79}
[2014/02/18 20:07:24 | 000,000,000 | ---D | M] ("MySearchDial NewTab") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
[2013/08/12 22:02:15 | 000,000,000 | ---D | M] (Speed Analysis 2) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\extensions\[email protected]
[2014/01/31 13:52:32 | 000,250,213 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\extensions\[email protected]
[2014/03/25 20:19:18 | 000,002,331 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\searchplugins\amazon.xml
[2013/04/23 13:27:18 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\searchplugins\conduit.xml
[2014/03/25 20:19:18 | 000,002,403 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\searchplugins\Mysearchdial.xml
[2014/07/18 23:19:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2014/05/08 09:48:42 | 000,227,704 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2013/06/29 17:52:13 | 000,002,021 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft® DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft® DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: Speed Analysis 2 = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\3.0.0.0_0\
CHR - Extension: Yahoo Extension = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.116_0\
CHR - Extension: Yahoo Extension = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.117_0\
CHR - Extension: appbario12 = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggamifejnddpoocdmadhjdbgaijnphdi\10.31.4.510_0\
CHR - Extension: appbario12 = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggamifejnddpoocdmadhjdbgaijnphdi\10.31.4.510_0\nativeMessaging\nmHost
CHR - Extension: DefaultTab = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.9_0\
CHR - Extension: Value apps = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Amazon 1Button App for Chrome = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\4.2014.613.0_0\
CHR - Extension: Amazon 1Button App for Chrome = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\4.2014.630.0_0\
CHR - Extension: MapsGalaxy = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\8.27.3.62729_0\
 
O1 HOSTS File: ([2014/02/16 23:48:54 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Speed Analysis 2) - {18DBB6CE-3148-4FEC-B481-103CB3290427} - C:\Program Files\Speed Analysis 2\ScriptHost.dll (SpeedAnalysis.com)
O2 - BHO: (FindRight) - {2c774641-5504-46a8-b63f-6715ae3fe376} - C:\Program Files\FindRight\FindRightbho.dll File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (AlxHelper Class) - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Amazon Browser Bar) - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [BrowserSafeguard] "C:\Program Files\Browsersafeguard\BrowserSafeguard.exe" File not found
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [OtShot] C:\Program Files\OtShot\otshot.exe ()
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKU\S-1-5-21-583907252-436374069-1606980848-1003..\Run: [APISupport] C:\Documents and Settings\Owner\Local Settings\Application Data\TB\APISupport\APISupport.dll (ClientConnect Ltd.)
O4 - HKU\S-1-5-21-583907252-436374069-1606980848-1003..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-583907252-436374069-1606980848-1003..\Run: [DriverUpdate] C:\Program Files\DriverUpdate\DriverUpdate.exe (SlimWare Utilities, Inc.)
O4 - HKU\S-1-5-21-583907252-436374069-1606980848-1003..\Run: [DW7] "C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe" File not found
O4 - HKU\S-1-5-21-583907252-436374069-1606980848-1003..\Run: [NextLive] C:\Documents and Settings\Owner\Application Data\newnext.me\nengine.dll (NewNextDotMe)
O4 - HKU\S-1-5-21-583907252-436374069-1606980848-1003..\Run: [Singlesnet] C:\Program Files\Singlesnet\Singlesnet\Singlesnet.exe File not found
O4 - HKU\S-1-5-21-583907252-436374069-1606980848-1003..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O4 - HKU\S-1-5-21-583907252-436374069-1606980848-1003..\Run: [TBHostSupport] C:\Documents and Settings\Owner\Local Settings\Application Data\TBHostSupport\TBHostSupport_0.dll (Conduit Ltd.)
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-21-583907252-436374069-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-583907252-436374069-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1
O7 - HKU\S-1-5-21-583907252-436374069-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-583907252-436374069-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-21-583907252-436374069-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-21-583907252-436374069-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1
O7 - HKU\S-1-5-21-583907252-436374069-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1
O7 - HKU\S-1-5-21-583907252-436374069-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1
O7 - HKU\S-1-5-21-583907252-436374069-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\S-1-5-21-583907252-436374069-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.226
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E516A083-9272-49B4-B8DD-6D9A5E892B13}: DhcpNameServer = 192.168.0.1 205.171.2.226
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\searchprotect\searchprotect\bin\spvc32loader.dll) -  File not found
O20 - AppInit_DLLs: (c:\docume~1\alluse~1\applic~1\wincert\win32c~1.dll) - c:\Documents and Settings\All Users\Application Data\Wincert\win32cert.dll ()
O20 - AppInit_DLLs: (c:\progra~1\musict~1\datamngr\mgrldr.dll) - c:\Program Files\Music Toolbar\Datamngr\mgrldr.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\bitguard.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bprotect.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpsvc.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsemngr.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsermngr.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsersafeguard.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bundlesweetimsetup.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\cltmngsvc.exe: Debugger -  File not found
O27 - HKLM IFEO\delta babylon.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\delta tb.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\delta2.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltainstaller.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltasetup.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltatb.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltatb_2501-c733154b.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\iminentsetup.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\protectedsearch.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\rjatydimofu.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotection.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\snapdo.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst32.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst64.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\sweetimsetup.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\tbdelta.exetoolbar783881609.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/08/31 11:37:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (c:\program files\music toolbar\datamngr\x64\apcrtldr.dll) -  File not found
O36 - AppCertDlls: x86 - (C:\Program Files\Music Toolbar\Datamngr\apcrtldr.dll) - C:\Program Files\Music Toolbar\Datamngr\apcrtldr.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/18 23:33:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2014/07/18 23:32:06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2014/07/18 23:26:05 | 000,275,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2014/07/18 23:26:05 | 000,017,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2014/07/18 23:17:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/07/18 23:13:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\uTorrent
[2014/07/18 22:45:29 | 000,000,000 | ---D | C] -- C:\SUPERDelete
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Owner\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Owner\Local Settings\Application Data\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/19 00:30:01 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/19 00:01:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/07/18 23:38:04 | 000,457,886 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/07/18 23:38:04 | 000,075,884 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/07/18 23:33:42 | 000,013,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2014/07/18 23:33:40 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/07/18 23:33:17 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/18 23:33:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/07/18 23:33:12 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/18 22:36:37 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/07/15 18:08:00 | 000,000,332 | ---- | M] () -- C:\WINDOWS\tasks\bench-sys.job
[2014/07/15 17:49:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\DTChk.job
[2014/07/14 21:49:00 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\DTReg.job
[2014/07/09 21:01:34 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/07/09 21:01:34 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Owner\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Owner\Local Settings\Application Data\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/02/18 20:08:02 | 000,000,045 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\WB.CFG
[2014/02/13 22:35:24 | 000,000,396 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2013/12/26 22:21:42 | 000,013,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2013/07/05 21:08:20 | 000,001,108 | RHS- | C] () -- C:\Documents and Settings\Owner\ntuser.pol
[2013/06/02 19:47:08 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/18 21:23:31 | 000,499,911 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-583907252-436374069-1606980848-1003-0.dat
[2012/12/18 21:23:29 | 000,070,282 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/11/24 15:13:30 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/08/31 19:20:08 | 000,000,027 | ---- | C] () -- C:\WINDOWS\SmAudio.INI
[2012/08/31 18:16:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2012/08/31 12:11:30 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/08/31 11:41:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/08/31 11:34:06 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/08/31 07:27:37 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/08/31 07:27:24 | 000,002,558 | ---- | C] () -- C:\WINDOWS\System32\Oeminfo.ini
[2012/08/31 07:19:02 | 001,498,560 | ---- | C] () -- C:\WINDOWS\System32\igkrng400.bin
[2012/08/31 07:16:42 | 000,090,296 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
 
========== ZeroAccess Check ==========
 
[2013/12/26 22:28:23 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/06/16 11:04:59 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:373E1720
 
< End of report >
 
 
Extras.txt
 

OTL Extras logfile created on: 7/19/2014 12:24:09 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Owner\My Documents\My Pictures
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1014.36 Mb Total Physical Memory | 173.28 Mb Available Physical Memory | 17.08% Memory free
2.38 Gb Paging File | 1.25 Gb Available in Paging File | 52.57% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 105.92 Gb Total Space | 75.48 Gb Free Space | 71.26% Space Free | Partition Type: NTFS
 
Computer Name: CYNDY | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-583907252-436374069-1606980848-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Documents and Settings\Owner\Application Data\File Scout\filescout.exe" /open "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Documents and Settings\Owner\My Documents\Downloads\VideoPerformerSetup (1).exe" = C:\Documents and Settings\Owner\My Documents\Downloads\VideoPerformerSetup (1).exe:*:Enabled:VideoPerformerSetup (1).exe (in)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
"C:\Program Files\Google\Chrome\Application\chrome.exe" = C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 60
"{2AA44AF4-C116-4219-B800-4573E7E6D421}_is1" = Advanced Disk Recovery
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{60A523CC-DD44-4EEA-AD5F-0F57B2D17D22}" = XP Vista Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.07)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C67F5282-3EB4-4FE2-A5C7-ABEE4BE42F6D}" = DriverUpdate
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Amazon Browser Bar" = Amazon Browser Bar
"Amazon Browser Settings" = Amazon 1Button App
"CNXT_HDAUDIO" = Conexant HD Audio
"DefaultTab Chrome" = DefaultTab Chrome
"DMUninstaller" = DMUninstaller
"Flash Player Pro_is1" = Flash Player Pro V5.4
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Speed Analysis 2" = Speed Analysis 2
"Yahoo! Software Update" = Yahoo! Software Update
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 3/29/2014 7:39:51 PM | Computer Name = CYNDY | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
 with error: The server name or address could not be resolved  
 
Error - 4/6/2014 2:10:52 PM | Computer Name = CYNDY | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
 with error: The server name or address could not be resolved  
 
Error - 4/10/2014 7:08:35 PM | Computer Name = CYNDY | Source = MsiInstaller | ID = 10005
Description = Product: BlueStacks Notification Center -- This application requires
 at least 2 GB of physical memory.
 
Error - 4/25/2014 8:20:11 AM | Computer Name = CYNDY | Source = MsiInstaller | ID = 1013
Description = Product: Skype Click to Call -- Installation cannot proceed on this
 operating system.
 
Error - 5/29/2014 6:57:05 PM | Computer Name = CYNDY | Source = Chrome | ID = 1
Description = 
 
Error - 6/17/2014 8:33:05 PM | Computer Name = CYNDY | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
 with error: The server name or address could not be resolved  
 
Error - 6/17/2014 8:33:05 PM | Computer Name = CYNDY | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
 with error: The server name or address could not be resolved  
 
Error - 6/17/2014 8:33:26 PM | Computer Name = CYNDY | Source = Chrome | ID = 1
Description = 
 
Error - 6/18/2014 6:32:22 PM | Computer Name = CYNDY | Source = Chrome | ID = 1
Description = 
 
Error - 6/24/2014 5:43:13 PM | Computer Name = CYNDY | Source = MsiInstaller | ID = 1013
Description = Product: Skype Click to Call -- Installation cannot proceed on this
 operating system.
 
[ System Events ]
Error - 7/11/2014 8:23:55 PM | Computer Name = CYNDY | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.2 on 
the  Network Card with network address 001DD959C646.
 
Error - 7/12/2014 12:30:23 PM | Computer Name = CYNDY | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.2 on 
the  Network Card with network address 001DD959C646.
 
Error - 7/14/2014 4:45:43 PM | Computer Name = CYNDY | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.2 on 
the  Network Card with network address 001DD959C646.
 
Error - 7/14/2014 9:33:35 PM | Computer Name = CYNDY | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.2 on 
the  Network Card with network address 001DD959C646.
 
Error - 7/14/2014 10:44:41 PM | Computer Name = CYNDY | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.2 on 
the  Network Card with network address 001DD959C646.
 
Error - 7/14/2014 11:53:28 PM | Computer Name = CYNDY | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.2 on 
the  Network Card with network address 001DD959C646.
 
Error - 7/15/2014 11:29:30 AM | Computer Name = CYNDY | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.2 on 
the  Network Card with network address 001DD959C646.
 
Error - 7/15/2014 3:32:00 PM | Computer Name = CYNDY | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.2 on 
the  Network Card with network address 001DD959C646.
 
Error - 7/15/2014 10:41:10 PM | Computer Name = CYNDY | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.2 on 
the  Network Card with network address 001DD959C646.
 
Error - 7/16/2014 10:07:59 PM | Computer Name = CYNDY | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.2 on 
the  Network Card with network address 001DD959C646.
 
 
< End of report >
 

 


  • 0

Advertisements

#2
Essexboy
Posted 19 July 2014 - 04:03 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, it does appear a bit of a mess

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    OTL_Fix.GIF

:Commands
[CREATERESTOREPOINT]

:OTL
SRV - File not found [Auto | Stopped] -- C:\Program Files\Mobogenie\MgAssist.exe -- (MgAssistService)
SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2014/01/02 05:45:55 | 003,448,384 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Music Toolbar\Datamngr\DatamngrCoordinator.exe -- (DatamngrCoordinator)
SRV - [2014/01/01 22:09:34 | 000,051,992 | ---- | M] (cake bake) [Auto | Running] -- C:\Program Files\Betcat\WBDesktop.Updater.1.0.0.17.exe -- (WebCake Desktop Updater)
SRV - [2013/12/19 23:24:44 | 000,574,464 | ---- | M] () [Auto | Running] -- C:\Program Files\DefaultTab\DefaultTabSearch.exe -- (DefaultTabSearch)
SRV - [2013/03/21 14:24:12 | 000,222,368 | ---- | M] () [Auto | Running] -- C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe -- (Updater Service for AMZN)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...=1270154652&ir=
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}: "URL" = http://dts.search.as...q={searchTerms}
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\SearchScopes\{7742BC16-BAAC-4D93-AC46-9DA6878224C6}: "URL" = http://search.condui...2867470268&UM=2
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://search.yahoo....f-8&fr=chr-yie8
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}: "URL" = http://dts.search.as...q={searchTerms}
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\SearchScopes\{ACD2346F-4440-4FBC-9079-189E82FDCAFB}: "URL" = http://search.condui...q={searchTerms}
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}: "URL" = http://www.amazon.co...y={searchTerms}
IE - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\SearchScopes\{CE4CF768-2746-4735-83DC-A523A4DF87BE}: "URL" = http://start.mysearc...=1270154652&ir=
FF - prefs.js..browser.search.defaultenginename: "Mysearchdial"
FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V31 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Amazon "
FF - prefs.js..browser.search.selectedEngine: "Amazon "
FF - prefs.js..extensions.enabledItems: {465fcfbb-47a4-4866-a5d5-d12f9a77da00}:3.19.0.1
FF - prefs.js..extensions.enabledItems: {988919ff-0cd8-4d0c-bc7e-60d55a49eb64}:3.18.0.7
FF - prefs.js..extensions.enabledItems: {ad9a41d2-9a49-4fa6-a79e-71a0785364c8}:9.5.3
[2013/08/12 22:03:06 | 000,000,000 | ---D | M] (appbario12 Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\extensions\{465fcfbb-47a4-4866-a5d5-d12f9a77da00}
[2013/09/07 14:10:00 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2014/02/18 19:59:15 | 000,000,000 | ---D | M] (Value Apps) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\extensions\{94cd2cc3-083f-49ba-a218-4cda4b4829fd}
[2013/07/05 21:10:57 | 000,000,000 | ---D | M] (MixiDJ V31 Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\extensions\{988919ff-0cd8-4d0c-bc7e-60d55a49eb64}
[2013/05/30 19:23:45 | 000,000,000 | ---D | M] (KeyBar 1.8 Community Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\extensions\{9ed31f84-c8b3-4926-b950-dff74047ff79}
[2014/02/18 20:07:24 | 000,000,000 | ---D | M] ("MySearchDial NewTab") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
[2013/08/12 22:02:15 | 000,000,000 | ---D | M] (Speed Analysis 2) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\extensions\[email protected]
[2014/03/25 20:19:18 | 000,002,331 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\searchplugins\amazon.xml
[2013/04/23 13:27:18 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\searchplugins\conduit.xml
[2014/03/25 20:19:18 | 000,002,403 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7wy8oar4.default\searchplugins\Mysearchdial.xml
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Speed Analysis 2) - {18DBB6CE-3148-4FEC-B481-103CB3290427} - C:\Program Files\Speed Analysis 2\ScriptHost.dll (SpeedAnalysis.com)
O2 - BHO: (FindRight) - {2c774641-5504-46a8-b63f-6715ae3fe376} - C:\Program Files\FindRight\FindRightbho.dll File not found
O2 - BHO: (AlxHelper Class) - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-583907252-436374069-1606980848-1003\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O4 - HKLM..\Run: [BrowserSafeguard] "C:\Program Files\Browsersafeguard\BrowserSafeguard.exe" File not found
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [OtShot] C:\Program Files\OtShot\otshot.exe ()
O4 - HKU\S-1-5-21-583907252-436374069-1606980848-1003..\Run: [APISupport] C:\Documents and Settings\Owner\Local Settings\Application Data\TB\APISupport\APISupport.dll (ClientConnect Ltd.)
O4 - HKU\S-1-5-21-583907252-436374069-1606980848-1003..\Run: [DW7] "C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe" File not found
O4 - HKU\S-1-5-21-583907252-436374069-1606980848-1003..\Run: [NextLive] C:\Documents and Settings\Owner\Application Data\newnext.me\nengine.dll (NewNextDotMe)
O4 - HKU\S-1-5-21-583907252-436374069-1606980848-1003..\Run: [Singlesnet] C:\Program Files\Singlesnet\Singlesnet\Singlesnet.exe File not found
O4 - HKU\S-1-5-21-583907252-436374069-1606980848-1003..\Run: [TBHostSupport] C:\Documents and Settings\Owner\Local Settings\Application Data\TBHostSupport\TBHostSupport_0.dll (Conduit Ltd.)
O20 - AppInit_DLLs: (c:\progra~1\searchprotect\searchprotect\bin\spvc32loader.dll) - File not found
O20 - AppInit_DLLs: (c:\docume~1\alluse~1\applic~1\wincert\win32c~1.dll) - c:\Documents and Settings\All Users\Application Data\Wincert\win32cert.dll ()
O20 - AppInit_DLLs: (c:\progra~1\musict~1\datamngr\mgrldr.dll) - c:\Program Files\Music Toolbar\Datamngr\mgrldr.dll ()
O27 - HKLM IFEO\bitguard.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bprotect.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpsvc.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsemngr.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsermngr.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsersafeguard.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bundlesweetimsetup.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\cltmngsvc.exe: Debugger - File not found
O27 - HKLM IFEO\delta babylon.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\delta tb.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\delta2.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltainstaller.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltasetup.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltatb.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltatb_2501-c733154b.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\iminentsetup.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\protectedsearch.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\rjatydimofu.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotection.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\snapdo.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst32.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst64.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\sweetimsetup.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\tbdelta.exetoolbar783881609.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O36 - AppCertDlls: x64 - (c:\program files\music toolbar\datamngr\x64\apcrtldr.dll) - File not found
O36 - AppCertDlls: x86 - (C:\Program Files\Music Toolbar\Datamngr\apcrtldr.dll) - C:\Program Files\Music Toolbar\Datamngr\apcrtldr.dll ()
[2014/07/15 18:08:00 | 000,000,332 | ---- | M] () -- C:\WINDOWS\tasks\bench-sys.job
[2014/07/15 17:49:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\DTChk.job
[2014/07/14 21:49:00 |0000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\DTReg.job

:Files
C:\Program Files\Betcat
C:\Program Files\DefaultTab
C:\Program Files\Amazon Browser Bar
C:\Program Files\OtShot
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggamifejnddpoocdmadhjdbgaijnphdi
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb
C:\Program Files\Speed Analysis 2
C:\Program Files\FindRight
C:\Program Files\Mobogenie
C:\PROGRA~1\SearchProtect
C:\Program Files\Browsersafeguard
C:\Documents and Settings\Owner\Local Settings\Application Data\TB
C:\Program Files\The Weather Channel
C:\Documents and Settings\Owner\Application Data\newnext.me
C:\Program Files\Singlesnet

:Commands
[resethosts]
[emptytemp]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • FINALLY

    Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Select additions at the bottom
    • Press Scan button.
      frst.JPG
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please attach both logs generated.

  • 0

#3
Essexboy
Posted 25 July 2014 - 10:30 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP