[azza261]

OTL Extras logfile created on: 18/08/2013 13:29:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vicky\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.99 Gb Total Physical Memory | 1.44 Gb Available Physical Memory | 48.27% Memory free
6.18 Gb Paging File | 4.56 Gb Available in Paging File | 73.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285.79 Gb Total Space | 117.63 Gb Free Space | 41.16% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 4.64 Gb Free Space | 47.47% Space Free | Partition Type: NTFS
Drive E: | 507.52 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: VICKY-PC | User Name: Vicky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1397186333-2763243757-143887221-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Vicky\AppData\Roaming\File Scout\filescout.exe" /open "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2883AF70-F971-4C5C-BCE6-4EF5C8112D31}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{42DB8BBD-A0E2-4A38-A42C-6B316FC0BA21}" = lport=138 | protocol=17 | dir=in | app=system |
"{4672CC04-DBF8-4956-BFAC-2A8CF5222C43}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{4914C6E2-933A-47D3-8E3E-76AA1B8F663D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{6EA74138-21A9-4B4C-AD61-FABC1C09AFA0}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{92CEE901-3607-4E16-8FBF-63E80BAB0519}" = lport=445 | protocol=6 | dir=in | app=system |
"{A1334199-8FC6-41FF-8951-691F050E2858}" = rport=445 | protocol=6 | dir=out | app=system |
"{ADB9B237-C821-4415-8100-DD22F53E9D33}" = lport=139 | protocol=6 | dir=in | app=system |
"{C2711660-4503-4D45-99F6-B8AEFA53D445}" = rport=138 | protocol=17 | dir=out | app=system |
"{C29AF3D1-578C-4DF1-B417-C735B7B1CEB1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{DA081A4F-9B25-4DB0-93A6-B84964428248}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{E6C61842-612F-4663-830C-71B37C5EB702}" = lport=137 | protocol=17 | dir=in | app=system |
"{ED1FEBA0-4E15-492A-BCB2-602FB7AC3B98}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F09882B4-F0A4-46DD-B799-BB29082CDDC3}" = rport=139 | protocol=6 | dir=out | app=system |
"{F9B1F616-729C-495D-B8DE-2B8E9E551180}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{19E99A0A-248A-4B6A-B676-7ECC787CCE60}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{1FDE2D34-359C-4DD7-8BB4-CB34606C39A1}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{2A40273F-544E-4650-8A53-021D524CD0CC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2E25D740-0291-4FE3-B06A-6B8735676E28}" = protocol=58 | dir=out | [email protected],-28546 |
"{318DB10E-AA35-478E-BBB0-D6F2E37C1943}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{58428DE3-923C-4E64-8858-CFE2D711674F}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{5BF2F60B-C8C4-4699-9F81-AA3F503478E7}" = protocol=1 | dir=out | [email protected],-28544 |
"{64E2DD97-EC3C-4BBE-8AB8-C554C257A5BC}" = dir=in | app=c:\program files\leapfrog\leapfrog connect\leapfrogconnect.exe |
"{6DDFAB72-E701-4FBD-A627-65BD66AC5411}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8AD45FEC-96F5-4D15-B76E-24130AA4CB7E}" = dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{A07AF789-C10C-43CB-AF67-6DB7A11706FC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B3109066-3DA6-482F-8D6B-3847A79E5246}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{C9A02B88-C160-4005-B1A4-8E52909D05B0}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{D367F560-7A78-4C9E-A801-F961E4C87FB5}" = protocol=58 | dir=in | [email protected],-28545 |
"{D5C65A4F-0E59-43BC-AFC6-9B7789E4DABE}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{D7DBCEC0-5643-4871-81EE-276AC76480FB}" = protocol=1 | dir=in | [email protected],-28543 |
"{E52E92BB-2F7E-4E01-A522-ACABAC6AEF23}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"TCP Query User{564918C0-EC9D-4EF7-B9BA-9581C57219EA}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{68C7025A-1F82-4CA6-AD5A-49FC47E6758F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{B1EB2A7B-2FD9-4CA6-B85B-5515386EB6E1}C:\program files\atdhenettvapp.com\atdhenettvapp.exe" = protocol=6 | dir=in | app=c:\program files\atdhenettvapp.com\atdhenettvapp.exe |
"TCP Query User{F4F12405-06F3-4A5D-8965-D7CC251929A1}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{1CD70A9D-C7CB-4F88-B1C7-EF03694EC7D2}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{399368CA-9A23-4313-83D3-B78268B7AAF3}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{5CEABAEE-570C-459E-9377-209324A7E41D}C:\program files\atdhenettvapp.com\atdhenettvapp.exe" = protocol=17 | dir=in | app=c:\program files\atdhenettvapp.com\atdhenettvapp.exe |
"UDP Query User{702BCB97-6C74-4EF3-8402-65931775DAEC}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP230_series" = Canon MP230 series MP Drivers
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" =
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{294EAADF-E50F-4DD8-AD8D-19587EA10512}" = Modem Diagnostic Tool
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{3544DED1-07DB-40C0-98F3-435A6DA195C7}" = Google SketchUp 8
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{5BBD0D3F-E4B2-4EE4-806A-07A95D4E2683}" = Sky Broadband Browser Branding
"{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Help
"{5E83AB6E-2284-4468-BF97-A451904F186C}" = HP Deskjet 1050 J410 series Product Improvement Study
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C2690CF-5B74-4F93-8139-7B5644CD6A3B}" = MobileMe Control Panel
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}" = SweetIM Toolbar for Internet Explorer 4.2
"{A81A974F-8A22-43E6-9243-5198FF758DA1}" = SweetIM for Messenger 3.6
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{B124E3EA-59C5-462B-98EF-374099EA7A61}" = LeapFrog LeapPad Explorer Plugin
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{C111B73A-93EA-4A12-80E2-0460F11D431F}" = HP Deskjet 1050 J410 series Basic Device Software
"{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}" = Dell Best of Web
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{F9233F02-5617-4BDC-8EC6-4B798EDFE6F4}" = LeapFrog Connect
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1ClickDownload" = ATDheNetTVApp
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"AVG Secure Search" = AVG Security Toolbar
"AVG8Uninstall" = AVG Free 8.5
"BitTorrent" = BitTorrent
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility
"Canon MP230 series On-screen Manual" = Canon MP230 series On-screen Manual
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"CanonMyPrinter" = Canon My Printer
"CanonQuickMenu" = Canon Quick Menu
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)
"DefaultTab" = DefaultTab
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"delta" = Delta toolbar
"Delta Chrome Toolbar" = Delta Chrome Toolbar
"EPSON Printer and Utilities" = EPSON Printer Software
"funmoods" = Funmoods
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HP Photo Creations" = HP Photo Creations
"Huawei Modems" = Huawei modem
"LeapPadExplorerPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PokerStars" = PokerStars
"SopCast" = SopCast 3.5.0
"STANDARDR" = Microsoft Office Standard 2007
"UPCShell" = LeapFrog Connect
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"VLC media player" = VLC media player 2.0.0
"WinLiveSuite_Wave3" = Windows Live Essentials
"ZTE_1.2059.0.8" = ZTE_1.2059.0.8

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 01/01/2013 11:09:54 | Computer Name = Vicky-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 01/01/2013 11:09:56 | Computer Name = Vicky-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 176593

Error - 01/01/2013 11:09:56 | Computer Name = Vicky-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 176593

Error - 01/01/2013 11:09:58 | Computer Name = Vicky-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 01/01/2013 11:09:58 | Computer Name = Vicky-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 180618

Error - 01/01/2013 11:09:58 | Computer Name = Vicky-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 180618

Error - 01/01/2013 11:10:00 | Computer Name = Vicky-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 01/01/2013 11:10:00 | Computer Name = Vicky-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 183254

Error - 01/01/2013 11:10:00 | Computer Name = Vicky-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 183254

Error - 02/01/2013 13:50:30 | Computer Name = Vicky-PC | Source = Perflib | ID = 1010
Description =

[ Broadcom Wireless LAN Events ]
Error - 20/03/2013 12:21:42 | Computer Name = Vicky-PC | Source = WLAN-Tray | ID = 0
Description = 16:21:42, Wed, Mar 20, 13 Error - Unable to gain access to user store


Error - 08/04/2013 10:43:05 | Computer Name = Vicky-PC | Source = WLAN-Tray | ID = 0
Description = 15:43:05, Mon, Apr 08, 13 Error - Unable to gain access to user store


Error - 24/04/2013 04:17:05 | Computer Name = Vicky-PC | Source = WLAN-Tray | ID = 0
Description = 09:17:05, Wed, Apr 24, 13 Error - Unable to gain access to user store


Error - 27/04/2013 08:15:51 | Computer Name = Vicky-PC | Source = WLAN-Tray | ID = 0
Description = 13:15:50, Sat, Apr 27, 13 Error - Unable to gain access to user store


Error - 11/06/2013 04:43:38 | Computer Name = Vicky-PC | Source = WLAN-Tray | ID = 0
Description = 09:43:37, Tue, Jun 11, 13 Error - Unable to gain access to user store


Error - 12/06/2013 05:05:32 | Computer Name = Vicky-PC | Source = WLAN-Tray | ID = 0
Description = 10:05:31, Wed, Jun 12, 13 Error - Unable to gain access to user store


Error - 13/06/2013 03:30:36 | Computer Name = Vicky-PC | Source = WLAN-Tray | ID = 0
Description = 08:30:35, Thu, Jun 13, 13 Error - Unable to gain access to user store


Error - 31/07/2013 12:13:00 | Computer Name = Vicky-PC | Source = WLAN-Tray | ID = 0
Description = 17:12:59, Wed, Jul 31, 13 Error - Unable to gain access to user store


Error - 03/08/2013 13:48:18 | Computer Name = Vicky-PC | Source = WLAN-Tray | ID = 0
Description = 18:48:18, Sat, Aug 03, 13 Error - Unable to gain access to user store


Error - 17/08/2013 07:46:34 | Computer Name = Vicky-PC | Source = WLAN-Tray | ID = 0
Description = 12:46:34, Sat, Aug 17, 13 Error - Unable to gain access to user store


[ System Events ]
Error - 18/08/2013 07:29:22 | Computer Name = Vicky-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 18/08/2013 07:29:22 | Computer Name = Vicky-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 18/08/2013 07:29:22 | Computer Name = Vicky-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 18/08/2013 08:11:41 | Computer Name = Vicky-PC | Source = WPDMTPDriver | ID = 80836
Description =

Error - 18/08/2013 08:12:29 | Computer Name = Vicky-PC | Source = WPDMTPDriver | ID = 80836
Description =

Error - 18/08/2013 08:12:50 | Computer Name = Vicky-PC | Source = WPDMTPDriver | ID = 80836
Description =

Error - 18/08/2013 08:13:46 | Computer Name = Vicky-PC | Source = WPDMTPDriver | ID = 80836
Description =

Error - 18/08/2013 08:22:09 | Computer Name = Vicky-PC | Source = WPDMTPDriver | ID = 80836
Description =

Error - 18/08/2013 08:23:03 | Computer Name = Vicky-PC | Source = WPDMTPDriver | ID = 80836
Description =

Error - 18/08/2013 08:27:33 | Computer Name = Vicky-PC | Source = WPDMTPDriver | ID = 80836
Description =


< End of report >

[Advertisements]

is this ok?

[azza261]

is this ok?

[Phel]

Please, follow these steps:

Step 1. OTL fix.

• Run OTL.
• Under the Custom Scans/Fixes box at the bottom, paste in the following:
  
  

  :Commands
  [CREATERESTOREPOINT]
  
  :Files
  fsutil reparsepoint delete "C:\Program Files\Windows Defender\en-US" /c
  
  :Commands
  [REBOOT]

• Then click the Run Fix button at the top.
• Let the program run unhindered, reboot the PC when it is done.

Step 2. AdwCleaner scan.

• Please, download AdwCleaner from here to your Desktop.
• Right click on adwcleaner.exe file on your Desktop->Run as Administrator.
• Adwcleaner window should appear.
• Click on the Delete button.
• Click on OK.
• Computer will be rebooted automatically, when program will finish it's job.
• After fix Notepad window with report should appear. Post the contents of the report in your next message.

Step 3. OTL scan.

• Run OTL.
• Under the Custom Scans/Fixes box at the bottom, paste in the following:
  
  

  dir "%systemdrive%\*" /S /A:L /C

• Then click the Run Scan button at the top.
• Let the program run unhindered.
• When the scan completes, it will open notepad window - OTL.Txt. This is saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of this file, one at a time and post them in your topic.

So, please, don't forget to post in your next message:

• AdwCleaner log
• OTL log

[azza261]

# AdwCleaner v2.306 - Logfile created 08/18/2013 at 22:35:47
# Updated 19/07/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Vicky - VICKY-PC
# Boot Mode : Normal
# Running from : C:\Users\Vicky\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : DefaultTabSearch
Stopped & Deleted : DefaultTabUpdate

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search
Deleted on reboot : C:\ProgramData\BrowserProtect
File Deleted : C:\END
File Deleted : C:\user.js
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\Vicky\AppData\Local\funmoods-speeddial.crx
File Deleted : C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Windows\system32\roboot.exe
Folder Deleted : C:\Program Files\Amazon Browser Bar
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\DefaultTab
Folder Deleted : C:\Program Files\delta
Folder Deleted : C:\Program Files\Free Offers from Freeze.com
Folder Deleted : C:\Program Files\Funmoods
Folder Deleted : C:\Program Files\Gophoto.it
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\Program Files\Yontoo
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\blap\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\football.Vicky-PC\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\football\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\football\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\football\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\good\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\new\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Vicky\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Vicky\AppData\Local\Conduit
Folder Deleted : C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Folder Deleted : C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Folder Deleted : C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Folder Deleted : C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Folder Deleted : C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Folder Deleted : C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Folder Deleted : C:\Users\Vicky\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Vicky\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Vicky\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Vicky\AppData\LocalLow\bbrs_002.tb
Folder Deleted : C:\Users\Vicky\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Vicky\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\Vicky\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Vicky\AppData\Roaming\BrowserCompanion
Folder Deleted : C:\Users\Vicky\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Vicky\AppData\Roaming\delta
Folder Deleted : C:\Users\Vicky\AppData\Roaming\file scout
Folder Deleted : C:\Users\Vicky\AppData\Roaming\Funmoods
Folder Deleted : C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
Folder Deleted : C:\Users\work pleas\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\work\AppData\LocalLow\SweetIM

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\browse~1\261519~1.190\{c16c1~1\browse~1.dll
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\5d538a8bb46eec10
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Blabbers
Key Deleted : HKCU\Software\BrowserMngr
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{154D339E-CCAA-49A5-9B38-6878AD4220BC}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A81A974F-8A22-43E6-9243-5198FF758DA1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BrowserCompanion
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Funmoods
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\5d538a8bb46eec10
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BrowserCompanion
Key Deleted : HKLM\Software\BrowserMngr
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\f
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Key Deleted : HKLM\Software\Classes\Installer\Features\90C64EA18BA25EE488BF80DCF07F2FFD
Key Deleted : HKLM\Software\Classes\Installer\Features\F479A18A22A86E3429341589FF57D81A
Key Deleted : HKLM\Software\Classes\Installer\Features\FA20CB7A821113A4CB8FA1E38E303D3B
Key Deleted : HKLM\Software\Classes\Installer\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Key Deleted : HKLM\Software\Classes\Installer\Products\F479A18A22A86E3429341589FF57D81A
Key Deleted : HKLM\Software\Classes\Installer\Products\FA20CB7A821113A4CB8FA1E38E303D3B
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Deleted : HKLM\Software\iLividSRTB
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{154D339E-CCAA-49A5-9B38-6878AD4220BC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F479A18A22A86E3429341589FF57D81A
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FA20CB7A821113A4CB8FA1E38E303D3B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\Software\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16502

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://www.searchamong.com/searchview.php?query={searchTerms}&cat=webs&bar=true --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://www.searchamong.com/searchview.php?query={searchTerms}&cat=webs&bar=true --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://searchfunmoods.com/?f=2&a=nv1&ir=nv1&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0DzztD0D0C0F0DtD0BtD0AtN0D0Tzu0CtAzyyCtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1157382831 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://www.searchamong.com/searchview.php?query={searchTerms}&cat=webs&bar=true --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://www.searchamong.com/searchview.php?query={searchTerms}&cat=webs&bar=true --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://www.searchamong.com/searchview.php?query={searchTerms}&cat=webs&bar=true --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=GB&userid=fd8db511-8368-4548-823c-5c5cdb689671&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://searchfunmoods.com/?f=1&a=nv1&ir=nv1&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0DzztD0D0C0F0DtD0BtD0AtN0D0Tzu0CtAzyyCtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1157382831 --> hxxp://www.google.com

-\\ Google Chrome v28.0.1500.95

File : C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [363 octets] - [18/08/2013 22:35:30]
AdwCleaner[S2].txt - [42721 octets] - [18/08/2013 22:35:47]

########## EOF - C:\AdwCleaner[S2].txt - [42782 octets] ##########

[azza261]

OTL logfile created on: 18/08/2013 22:40:49 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vicky\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.99 Gb Total Physical Memory | 1.60 Gb Available Physical Memory | 53.69% Memory free
6.18 Gb Paging File | 4.79 Gb Available in Paging File | 77.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285.79 Gb Total Space | 117.95 Gb Free Space | 41.27% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 4.64 Gb Free Space | 47.47% Space Free | Partition Type: NTFS
Drive E: | 507.52 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: VICKY-PC | User Name: Vicky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/18 18:24:40 | 001,643,184 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
PRC - [2013/08/18 13:10:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vicky\Desktop\OTL.exe
PRC - [2013/06/12 13:06:23 | 000,814,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe
PRC - [2013/05/28 14:05:16 | 000,163,328 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe
PRC - [2012/09/28 15:19:16 | 007,392,648 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2012/06/26 19:17:14 | 006,380,400 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\BitTorrent.exe
PRC - [2012/06/11 17:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE
PRC - [2012/04/03 13:33:00 | 000,940,168 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Quick Menu\CNQMSWCS.EXE
PRC - [2012/04/03 13:27:16 | 001,087,608 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
PRC - [2012/04/03 13:26:14 | 001,273,448 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/15 17:12:48 | 001,226,024 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DellDock.exe
PRC - [2008/05/04 10:25:32 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/05/04 10:25:26 | 000,167,936 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2008/05/04 10:25:26 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008/05/04 10:25:26 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2008/05/02 20:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/03/04 06:05:24 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2008/02/22 23:01:38 | 001,193,240 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2008/01/21 03:24:43 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
PRC - [2007/12/21 16:58:06 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/11/12 12:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/11/12 12:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/03/21 19:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/03/21 19:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/18 15:25:57 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\c968aa3be869dde97c5492eeb82ad779\System.Runtime.Remoting.ni.dll
MOD - [2013/08/18 15:25:48 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\5d21e1bdb2ce90135f079113f334e321\System.Xaml.ni.dll
MOD - [2013/08/18 13:07:42 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\db66b9271d43c5fe3127044883b3f602\PresentationFramework.ni.dll
MOD - [2013/08/18 13:07:23 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\42c1b65120af3ba1efd162796bb3eb53\PresentationCore.ni.dll
MOD - [2013/08/18 13:07:10 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b54db81e7e78ec337dedcfa3b888011f\WindowsBase.ni.dll
MOD - [2013/08/18 13:07:07 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\14e513a3c8ef4992d69bd2bf1402e44b\PresentationFramework.Aero.ni.dll
MOD - [2013/08/18 13:05:32 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\237e5a55aa781dffe4520827550d058f\System.Windows.Forms.ni.dll
MOD - [2013/08/18 13:05:21 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\156e53e82414c8e28c19ff57138c8447\System.Xml.ni.dll
MOD - [2013/08/18 13:05:16 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\45ef18daf2d0bf2e45b847ab73b14a9f\System.Configuration.ni.dll
MOD - [2013/08/18 13:05:02 | 007,053,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\0c5a43e1f91b655c3ab2d0032f1d74a0\System.Core.ni.dll
MOD - [2013/08/18 13:04:54 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\943b77fad6439af1a38d31d4676e08b9\System.Drawing.ni.dll
MOD - [2013/08/18 13:04:52 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\7d2446128cc42e59c602eed899a45894\System.ni.dll
MOD - [2013/08/18 13:04:43 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\60c214b6ad5691e368a16ec65d127c27\mscorlib.ni.dll
MOD - [2013/08/18 00:40:39 | 015,881,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MenuSkinning\46fe685d21a2d619a116fc0fc983851a\MenuSkinning.ni.dll
MOD - [2013/08/18 00:40:19 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\59eba2680c01c33b2b3f5385979e32c6\System.Web.ni.dll
MOD - [2013/08/18 00:40:04 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b167ef6967ad27503c6ac6aabcef1aff\System.Runtime.Remoting.ni.dll
MOD - [2013/08/18 00:39:44 | 000,284,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\c4f0433ae88d0910d821fc8c8b09695f\VistaBridgeLibrary.ni.dll
MOD - [2013/08/18 00:39:38 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\e77e7cdf3072d5a658832b8863ff439e\System.Management.ni.dll
MOD - [2013/08/18 00:39:36 | 002,261,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DellDock\1b257aa780e5e1f778ce510b1a87c166\DellDock.ni.exe
MOD - [2013/08/18 00:39:34 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\2489d385d8d2ce2d7f8bc75fe41a8d66\MyDock.Util.ni.dll
MOD - [2013/08/18 00:39:13 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9092960402154cf69c694786ae1049b3\System.Configuration.ni.dll
MOD - [2013/08/18 00:22:23 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll
MOD - [2013/08/18 00:22:04 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f575e4c534a93294c72fea670ca73492\System.Windows.Forms.ni.dll
MOD - [2013/08/18 00:21:51 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll
MOD - [2013/08/18 00:20:22 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll
MOD - [2013/07/15 17:37:40 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\05034abc5246a6fef208f73cb912d971\Accessibility.ni.dll
MOD - [2013/07/15 17:29:28 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
MOD - [2008/07/03 13:28:14 | 000,055,808 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll


========== Services (SafeList) ==========

SRV - [2013/08/18 18:24:40 | 001,643,184 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe -- (vToolbarUpdater15.5.0)
SRV - [2013/05/28 14:05:16 | 000,163,328 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/28 15:19:16 | 007,392,648 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/11 17:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 17:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2010/10/22 10:53:41 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2010/10/18 18:22:43 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2008/05/02 20:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/12 12:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/11/12 12:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/03/21 19:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Webroot\Washer\wrssweep.sys -- (wrssweep)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\netaapl.sys -- (Netaapl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013/08/18 18:24:40 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2010/10/18 18:22:46 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/10/18 18:22:46 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/01/19 12:49:50 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2010/01/19 12:49:50 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2010/01/19 12:49:50 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2010/01/19 12:49:50 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2009/05/12 10:40:15 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008/07/03 13:28:02 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/06/23 13:45:44 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008/05/04 10:25:24 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/03/17 10:05:30 | 000,101,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/03/06 08:58:44 | 000,111,616 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008/03/04 06:05:34 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2008/03/04 06:05:18 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2008/01/21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/11/12 12:07:28 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/09/06 17:35:16 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/09/06 17:35:14 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/09/06 17:35:12 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/02 08:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{4DB65B04-174C-4C09-691C-331B7382B660}: "URL" = http://feed.snap.do/...q={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUK
IE - HKLM\..\SearchScopes\{838BF40B-FD99-4F37-8A9B-2CF9B3D9E46C}: "URL" = http://search.sky.co...m={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=uk&ibd=5081023
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{050C47B0-9D1C-44DB-AE13-D4B6D2CDF760}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{4DB65B04-174C-4C09-691C-331B7382B660}: "URL" = http://search.babylo...00000234d80dcfd
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{FDF57497-04CA-49ED-A2C8-7811E39519F7}: "URL" = http://www.mysearchr...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)


[2012/06/26 18:22:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\extensions
[2013/08/17 17:14:00 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2013/08/17 17:14:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2013/01/30 21:07:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions
[2013/01/30 21:07:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions
[2013/08/17 17:14:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\[email protected]
[2013/08/17 17:14:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\[email protected]
[2013/01/30 21:07:03 | 000,216,743 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\[email protected]
[2012/07/29 15:37:16 | 000,221,380 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\[email protected]
[2012/08/17 21:54:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www1.delta-se...123511&tsp=4961

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [HF_G_Jul] "C:\Program Files\AVG Secure Search\HF_G_Jul.exe" /DoAction File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 File not found
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1BC3F55E-ECB3-4F96-BE7D-B931B56006C2}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{368EED3A-A405-467B-A691-8FCE285C7384}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70AE71F1-5201-4B51-A8B2-5ED6B8C35DE4}: DhcpNameServer = 88.82.13.12 88.82.13.12
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Vicky\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Vicky\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/11/13 17:20:10 | 000,000,170 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{05454490-fecb-11dd-8718-00219bf82473}\Shell - "" = AutoRun
O33 - MountPoints2\{05454490-fecb-11dd-8718-00219bf82473}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2ec2f99a-dad9-11df-8b30-00234d80dcfd}\Shell - "" = AutoRun
O33 - MountPoints2\{2ec2f99a-dad9-11df-8b30-00234d80dcfd}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3f0e6687-be45-11dd-a52e-00234d80dcfd}\Shell - "" = AutoRun
O33 - MountPoints2\{3f0e6687-be45-11dd-a52e-00234d80dcfd}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3f0e66bc-be45-11dd-a52e-00219bf82473}\Shell - "" = AutoRun
O33 - MountPoints2\{3f0e66bc-be45-11dd-a52e-00219bf82473}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3f0e66be-be45-11dd-a52e-00219bf82473}\Shell - "" = AutoRun
O33 - MountPoints2\{3f0e66be-be45-11dd-a52e-00219bf82473}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{4df5f306-7200-11de-a61d-00219bf82473}\Shell - "" = AutoRun
O33 - MountPoints2\{4df5f306-7200-11de-a61d-00219bf82473}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{518f9419-a0dc-11dd-b682-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{518f9419-a0dc-11dd-b682-806e6f6e6963}\Shell\AutoRun\command - "" = E:\MSETUP4.EXE -- [2012/03/16 14:50:44 | 000,363,120 | R--- | M] (CANON INC.)
O33 - MountPoints2\{830c52f4-be43-11dd-ae27-00234d80dcfd}\Shell - "" = AutoRun
O33 - MountPoints2\{830c52f4-be43-11dd-ae27-00234d80dcfd}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{bd0a0514-70a3-11de-a7ba-00219bf82473}\Shell - "" = AutoRun
O33 - MountPoints2\{bd0a0514-70a3-11de-a7ba-00219bf82473}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/18 22:25:23 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/08/18 18:32:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMIG
[2013/08/18 13:14:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Vicky\Desktop\OTL.exe
[2013/08/18 12:47:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/08/18 00:50:45 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Canon
[2013/08/18 00:50:33 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2013/08/18 00:50:31 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJQuickMenu
[2013/08/18 00:50:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEGV
[2013/08/18 00:45:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP230 series User Registration
[2013/08/18 00:43:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2013/08/18 00:43:35 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2013/08/18 00:36:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2013/08/18 00:36:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP230 series Manual
[2013/08/18 00:35:12 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2013/08/18 00:34:36 | 000,000,000 | -H-D | C] -- C:\Windows\System32\CanonIJ Uninstaller Information
[2013/08/18 00:34:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP230 series
[2013/08/18 00:33:37 | 000,320,000 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC_B5L.dll
[2013/08/18 00:33:37 | 000,266,752 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC_B5C.dll
[2013/08/18 00:33:37 | 000,096,768 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC_B5I.dll
[2013/08/18 00:33:37 | 000,015,872 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNHMCA.dll
[2013/08/18 00:32:36 | 000,314,880 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMLMB5.DLL
[2013/08/18 00:32:06 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2013/08/18 00:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2013/08/18 00:10:42 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/08/18 00:10:40 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/08/18 00:10:40 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/08/18 00:10:40 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/08/18 00:10:40 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/08/18 00:10:36 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/08/18 00:10:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/08/18 00:10:35 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/08/17 23:04:19 | 000,000,000 | -HSD | C] -- C:\found.000
[2013/08/16 21:10:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2013/08/15 19:14:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/08/04 15:31:32 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\OpenOffice.org
[2013/08/04 15:27:10 | 000,000,000 | ---D | C] -- C:\Users\Vicky\Desktop\OpenOffice.org 3.4.1 (en-US) Installation Files
[2013/08/04 15:05:24 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\SoftGrid Client
[2013/08/04 15:04:41 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\SoftGrid Client
[2013/08/04 15:01:58 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\TP
[2013/08/04 14:41:11 | 000,000,000 | ---D | C] -- C:\Program Files\Amazon
[2013/07/31 18:17:14 | 000,000,000 | ---D | C] -- C:\Users\Vicky\{776d0f5f-79f0-46cb-ba05-582091ad41d2}
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/08/18 22:44:03 | 000,609,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/08/18 22:44:03 | 000,108,672 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/08/18 22:38:07 | 000,001,791 | ---- | M] () -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk
[2013/08/18 22:37:45 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/18 22:37:45 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013/08/18 22:37:42 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/18 22:37:42 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/18 22:37:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/18 22:36:27 | 000,000,160 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013/08/18 22:33:44 | 000,666,633 | ---- | M] () -- C:\Users\Vicky\Desktop\AdwCleaner.exe
[2013/08/18 22:25:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/18 22:06:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/18 18:24:40 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013/08/18 13:10:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vicky\Desktop\OTL.exe
[2013/08/18 00:52:27 | 000,002,624 | ---- | M] () -- C:\Users\Vicky\AppData\Roaming\wklnhst.dat
[2013/08/18 00:43:40 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\Canon Quick Menu.lnk
[2013/08/18 00:35:57 | 000,002,133 | ---- | M] () -- C:\Users\Public\Desktop\Canon MP230 series On-screen Manual.lnk
[2013/08/17 21:52:46 | 000,021,504 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2013/08/04 16:32:33 | 000,095,107 | ---- | M] () -- C:\Users\Vicky\Documents\polarzone.odt
[2013/07/31 17:30:35 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/28 18:20:31 | 000,001,105 | ---- | M] () -- C:\Users\Vicky\Documents\Recent Items.lnk
[2013/07/25 03:32:35 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/07/25 03:25:30 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/07/25 03:24:39 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/07/25 03:24:24 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/07/25 03:23:59 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/07/25 03:23:27 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/07/25 03:22:35 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/07/25 03:22:04 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/07/21 21:44:20 | 000,044,032 | ---- | M] () -- C:\Users\Vicky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/18 22:35:55 | 000,000,160 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013/08/18 22:34:34 | 000,666,633 | ---- | C] () -- C:\Users\Vicky\Desktop\AdwCleaner.exe
[2013/08/18 14:50:20 | 000,001,929 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk
[2013/08/18 14:50:20 | 000,001,815 | ---- | C] () -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
[2013/08/18 00:43:40 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\Canon Quick Menu.lnk
[2013/08/18 00:35:57 | 000,002,133 | ---- | C] () -- C:\Users\Public\Desktop\Canon MP230 series On-screen Manual.lnk
[2013/08/18 00:33:37 | 000,073,984 | ---- | C] () -- C:\Windows\System32\CNC175FD.TBL
[2013/08/04 16:32:31 | 000,095,107 | ---- | C] () -- C:\Users\Vicky\Documents\polarzone.odt
[2013/07/28 18:20:31 | 000,001,105 | ---- | C] () -- C:\Users\Vicky\Documents\Recent Items.lnk
[2013/03/09 09:28:36 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/08/27 15:42:04 | 000,000,146 | ---- | C] () -- C:\Windows\WININIT.INI
[2009/06/10 16:43:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/02/10 00:03:57 | 000,002,624 | ---- | C] () -- C:\Users\Vicky\AppData\Roaming\wklnhst.dat
[2008/12/11 22:28:26 | 000,005,972 | ---- | C] () -- C:\Users\Vicky\AppData\Local\d3d9caps.dat
[2008/11/29 19:22:58 | 000,044,032 | ---- | C] () -- C:\Users\Vicky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is OS
Volume Serial Number is 6EDB-0B0A
Directory of C:\ProgramData
29/11/2008 19:14 <JUNCTION> Application Data [C:\ProgramData]
29/11/2008 19:14 <JUNCTION> Desktop [C:\Users\Public\Desktop]
29/11/2008 19:14 <JUNCTION> Documents [C:\Users\Public\Documents]
29/11/2008 19:14 <JUNCTION> Favorites [C:\Users\Public\Favorites]
29/11/2008 19:14 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
29/11/2008 19:14 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
29/11/2008 19:14 <SYMLINKD> All Users [C:\ProgramData]
29/11/2008 19:14 <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
29/11/2008 19:14 <JUNCTION> Application Data [C:\ProgramData]
29/11/2008 19:14 <JUNCTION> Desktop [C:\Users\Public\Desktop]
29/11/2008 19:14 <JUNCTION> Documents [C:\Users\Public\Documents]
29/11/2008 19:14 <JUNCTION> Favorites [C:\Users\Public\Favorites]
29/11/2008 19:14 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
29/11/2008 19:14 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\blap
20/11/2012 21:20 <JUNCTION> Application Data [C:\Users\blap\AppData\Roaming]
20/11/2012 21:20 <JUNCTION> Cookies [C:\Users\blap\AppData\Roaming\Microsoft\Windows\Cookies]
20/11/2012 21:20 <JUNCTION> Local Settings [C:\Users\blap\AppData\Local]
20/11/2012 21:20 <JUNCTION> My Documents [C:\Users\blap\Documents]
20/11/2012 21:20 <JUNCTION> NetHood [C:\Users\blap\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
20/11/2012 21:20 <JUNCTION> PrintHood [C:\Users\blap\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
20/11/2012 21:20 <JUNCTION> Recent [C:\Users\blap\AppData\Roaming\Microsoft\Windows\Recent]
20/11/2012 21:20 <JUNCTION> SendTo [C:\Users\blap\AppData\Roaming\Microsoft\Windows\SendTo]
20/11/2012 21:20 <JUNCTION> Start Menu [C:\Users\blap\AppData\Roaming\Microsoft\Windows\Start Menu]
20/11/2012 21:20 <JUNCTION> Templates [C:\Users\blap\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\blap\AppData\Local
20/11/2012 21:20 <JUNCTION> Application Data [C:\Users\blap\AppData\Local]
20/11/2012 21:20 <JUNCTION> History [C:\Users\blap\AppData\Local\Microsoft\Windows\History]
20/11/2012 21:20 <JUNCTION> Temporary Internet Files [C:\Users\blap\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\blap\AppData\LocalLow
20/11/2012 21:27 <JUNCTION> PlayReady [C:\ProgramData\Microsoft\PlayReady]
0 File(s) 0 bytes
Directory of C:\Users\blap\Documents
20/11/2012 21:20 <JUNCTION> My Music [C:\Users\blap\Music]
20/11/2012 21:20 <JUNCTION> My Pictures [C:\Users\blap\Pictures]
20/11/2012 21:20 <JUNCTION> My Videos [C:\Users\blap\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Default
29/11/2008 19:14 <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
29/11/2008 19:14 <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
29/11/2008 19:14 <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
29/11/2008 19:14 <JUNCTION> My Documents [C:\Users\Default\Documents]
29/11/2008 19:14 <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
29/11/2008 19:14 <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
29/11/2008 19:14 <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
29/11/2008 19:14 <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
29/11/2008 19:14 <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
29/11/2008 19:14 <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
29/11/2008 19:14 <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
29/11/2008 19:14 <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
29/11/2008 19:14 <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
29/11/2008 19:14 <JUNCTION> My Music [C:\Users\Default\Music]
29/11/2008 19:14 <JUNCTION> My Pictures [C:\Users\Default\Pictures]
29/11/2008 19:14 <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\football
02/09/2012 14:38 <JUNCTION> Application Data [C:\Users\football\AppData\Roaming]
02/09/2012 14:38 <JUNCTION> Cookies [C:\Users\football\AppData\Roaming\Microsoft\Windows\Cookies]
02/09/2012 14:38 <JUNCTION> Local Settings [C:\Users\football\AppData\Local]
02/09/2012 14:38 <JUNCTION> My Documents [C:\Users\football\Documents]
02/09/2012 14:38 <JUNCTION> NetHood [C:\Users\football\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
02/09/2012 14:38 <JUNCTION> PrintHood [C:\Users\football\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
02/09/2012 14:38 <JUNCTION> Recent [C:\Users\football\AppData\Roaming\Microsoft\Windows\Recent]
02/09/2012 14:38 <JUNCTION> SendTo [C:\Users\football\AppData\Roaming\Microsoft\Windows\SendTo]
02/09/2012 14:38 <JUNCTION> Start Menu [C:\Users\football\AppData\Roaming\Microsoft\Windows\Start Menu]
02/09/2012 14:38 <JUNCTION> Templates [C:\Users\football\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\football\AppData\Local
02/09/2012 14:38 <JUNCTION> Application Data [C:\Users\football\AppData\Local]
02/09/2012 14:38 <JUNCTION> History [C:\Users\football\AppData\Local\Microsoft\Windows\History]
02/09/2012 14:38 <JUNCTION> Temporary Internet Files [C:\Users\football\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\football\AppData\LocalLow
02/09/2012 15:49 <JUNCTION> PlayReady [C:\ProgramData\Microsoft\PlayReady]
0 File(s) 0 bytes
Directory of C:\Users\football\Documents
02/09/2012 14:38 <JUNCTION> My Music [C:\Users\football\Music]
02/09/2012 14:38 <JUNCTION> My Pictures [C:\Users\football\Pictures]
02/09/2012 14:38 <JUNCTION> My Videos [C:\Users\football\Videos]
0 File(s) 0 bytes
Directory of C:\Users\football.Vicky-PC
29/09/2012 14:10 <JUNCTION> Application Data [C:\Users\football.Vicky-PC\AppData\Roaming]
29/09/2012 14:10 <JUNCTION> Cookies [C:\Users\football.Vicky-PC\AppData\Roaming\Microsoft\Windows\Cookies]
29/09/2012 14:10 <JUNCTION> Local Settings [C:\Users\football.Vicky-PC\AppData\Local]
29/09/2012 14:10 <JUNCTION> My Documents [C:\Users\football.Vicky-PC\Documents]
29/09/2012 14:10 <JUNCTION> NetHood [C:\Users\football.Vicky-PC\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
29/09/2012 14:10 <JUNCTION> PrintHood [C:\Users\football.Vicky-PC\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
29/09/2012 14:10 <JUNCTION> Recent [C:\Users\football.Vicky-PC\AppData\Roaming\Microsoft\Windows\Recent]
29/09/2012 14:10 <JUNCTION> SendTo [C:\Users\football.Vicky-PC\AppData\Roaming\Microsoft\Windows\SendTo]
29/09/2012 14:10 <JUNCTION> Start Menu [C:\Users\football.Vicky-PC\AppData\Roaming\Microsoft\Windows\Start Menu]
29/09/2012 14:10 <JUNCTION> Templates [C:\Users\football.Vicky-PC\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\football.Vicky-PC\AppData\Local
29/09/2012 14:10 <JUNCTION> Application Data [C:\Users\football.Vicky-PC\AppData\Local]
29/09/2012 14:10 <JUNCTION> History [C:\Users\football.Vicky-PC\AppData\Local\Microsoft\Windows\History]
29/09/2012 14:10 <JUNCTION> Temporary Internet Files [C:\Users\football.Vicky-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\football.Vicky-PC\AppData\LocalLow
29/09/2012 14:17 <JUNCTION> PlayReady [C:\ProgramData\Microsoft\PlayReady]
0 File(s) 0 bytes
Directory of C:\Users\football.Vicky-PC\Documents
29/09/2012 14:10 <JUNCTION> My Music [C:\Users\football.Vicky-PC\Music]
29/09/2012 14:10 <JUNCTION> My Pictures [C:\Users\football.Vicky-PC\Pictures]
29/09/2012 14:10 <JUNCTION> My Videos [C:\Users\football.Vicky-PC\Videos]
0 File(s) 0 bytes
Directory of C:\Users\good
24/11/2012 15:58 <JUNCTION> Application Data [C:\Users\good\AppData\Roaming]
24/11/2012 15:58 <JUNCTION> Cookies [C:\Users\good\AppData\Roaming\Microsoft\Windows\Cookies]
24/11/2012 15:58 <JUNCTION> Local Settings [C:\Users\good\AppData\Local]
24/11/2012 15:58 <JUNCTION> My Documents [C:\Users\good\Documents]
24/11/2012 15:58 <JUNCTION> NetHood [C:\Users\good\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
24/11/2012 15:58 <JUNCTION> PrintHood [C:\Users\good\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
24/11/2012 15:58 <JUNCTION> Recent [C:\Users\good\AppData\Roaming\Microsoft\Windows\Recent]
24/11/2012 15:58 <JUNCTION> SendTo [C:\Users\good\AppData\Roaming\Microsoft\Windows\SendTo]
24/11/2012 15:58 <JUNCTION> Start Menu [C:\Users\good\AppData\Roaming\Microsoft\Windows\Start Menu]
24/11/2012 15:58 <JUNCTION> Templates [C:\Users\good\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\good\AppData\Local
24/11/2012 15:58 <JUNCTION> Application Data [C:\Users\good\AppData\Local]
24/11/2012 15:58 <JUNCTION> History [C:\Users\good\AppData\Local\Microsoft\Windows\History]
24/11/2012 15:58 <JUNCTION> Temporary Internet Files [C:\Users\good\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\good\Documents
24/11/2012 15:58 <JUNCTION> My Music [C:\Users\good\Music]
24/11/2012 15:58 <JUNCTION> My Pictures [C:\Users\good\Pictures]
24/11/2012 15:58 <JUNCTION> My Videos [C:\Users\good\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Guest
29/09/2012 14:07 <JUNCTION> Application Data [C:\Users\Guest\AppData\Roaming]
29/09/2012 14:07 <JUNCTION> Cookies [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies]
29/09/2012 14:07 <JUNCTION> Local Settings [C:\Users\Guest\AppData\Local]
29/09/2012 14:07 <JUNCTION> My Documents [C:\Users\Guest\Documents]
29/09/2012 14:07 <JUNCTION> NetHood [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
29/09/2012 14:07 <JUNCTION> PrintHood [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
29/09/2012 14:07 <JUNCTION> Recent [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Recent]
29/09/2012 14:07 <JUNCTION> SendTo [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\SendTo]
29/09/2012 14:07 <JUNCTION> Start Menu [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu]
29/09/2012 14:07 <JUNCTION> Templates [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Guest\AppData\Local
29/09/2012 14:07 <JUNCTION> Application Data [C:\Users\Guest\AppData\Local]
29/09/2012 14:07 <JUNCTION> History [C:\Users\Guest\AppData\Local\Microsoft\Windows\History]
29/09/2012 14:07 <JUNCTION> Temporary Internet Files [C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Guest\Documents
29/09/2012 14:07 <JUNCTION> My Music [C:\Users\Guest\Music]
29/09/2012 14:07 <JUNCTION> My Pictures [C:\Users\Guest\Pictures]
29/09/2012 14:07 <JUNCTION> My Videos [C:\Users\Guest\Videos]
0 File(s) 0 bytes
Directory of C:\Users\new
28/10/2012 16:53 <JUNCTION> Application Data [C:\Users\new\AppData\Roaming]
28/10/2012 16:53 <JUNCTION> Cookies [C:\Users\new\AppData\Roaming\Microsoft\Windows\Cookies]
28/10/2012 16:53 <JUNCTION> Local Settings [C:\Users\new\AppData\Local]
28/10/2012 16:53 <JUNCTION> My Documents [C:\Users\new\Documents]
28/10/2012 16:53 <JUNCTION> NetHood [C:\Users\new\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
28/10/2012 16:53 <JUNCTION> PrintHood [C:\Users\new\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
28/10/2012 16:53 <JUNCTION> Recent [C:\Users\new\AppData\Roaming\Microsoft\Windows\Recent]
28/10/2012 16:53 <JUNCTION> SendTo [C:\Users\new\AppData\Roaming\Microsoft\Windows\SendTo]
28/10/2012 16:53 <JUNCTION> Start Menu [C:\Users\new\AppData\Roaming\Microsoft\Windows\Start Menu]
28/10/2012 16:53 <JUNCTION> Templates [C:\Users\new\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\new\AppData\Local
28/10/2012 16:53 <JUNCTION> Application Data [C:\Users\new\AppData\Local]
28/10/2012 16:53 <JUNCTION> History [C:\Users\new\AppData\Local\Microsoft\Windows\History]
28/10/2012 16:53 <JUNCTION> Temporary Internet Files [C:\Users\new\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\new\AppData\LocalLow
28/10/2012 16:59 <JUNCTION> PlayReady [C:\ProgramData\Microsoft\PlayReady]
0 File(s) 0 bytes
Directory of C:\Users\new\Documents
28/10/2012 16:53 <JUNCTION> My Music [C:\Users\new\Music]
28/10/2012 16:53 <JUNCTION> My Pictures [C:\Users\new\Pictures]
28/10/2012 16:53 <JUNCTION> My Videos [C:\Users\new\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
29/11/2008 19:14 <JUNCTION> My Music [C:\Users\Public\Music]
29/11/2008 19:14 <JUNCTION> My Pictures [C:\Users\Public\Pictures]
29/11/2008 19:14 <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Vicky
29/11/2008 19:15 <JUNCTION> Application Data [C:\Users\Vicky\AppData\Roaming]
29/11/2008 19:15 <JUNCTION> Cookies [C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Cookies]
29/11/2008 19:15 <JUNCTION> Local Settings [C:\Users\Vicky\AppData\Local]
29/11/2008 19:15 <JUNCTION> My Documents [C:\Users\Vicky\Documents]
29/11/2008 19:15 <JUNCTION> NetHood [C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
29/11/2008 19:15 <JUNCTION> PrintHood [C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
29/11/2008 19:15 <JUNCTION> Recent [C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Recent]
29/11/2008 19:15 <JUNCTION> SendTo [C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\SendTo]
29/11/2008 19:15 <JUNCTION> Start Menu [C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu]
29/11/2008 19:15 <JUNCTION> Templates [C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Vicky\AppData\Local
29/11/2008 19:15 <JUNCTION> Application Data [C:\Users\Vicky\AppData\Local]
29/11/2008 19:15 <JUNCTION> History [C:\Users\Vicky\AppData\Local\Microsoft\Windows\History]
29/11/2008 19:15 <JUNCTION> Temporary Internet Files [C:\Users\Vicky\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Vicky\AppData\LocalLow
13/09/2011 19:24 <JUNCTION> PlayReady [C:\ProgramData\Microsoft\PlayReady]
0 File(s) 0 bytes
Directory of C:\Users\Vicky\Documents
29/11/2008 19:15 <JUNCTION> My Music [C:\Users\Vicky\Music]
29/11/2008 19:15 <JUNCTION> My Pictures [C:\Users\Vicky\Pictures]
29/11/2008 19:15 <JUNCTION> My Videos [C:\Users\Vicky\Videos]
0 File(s) 0 bytes
Directory of C:\Users\work
03/11/2012 13:36 <JUNCTION> Application Data [C:\Users\work\AppData\Roaming]
03/11/2012 13:36 <JUNCTION> Cookies [C:\Users\work\AppData\Roaming\Microsoft\Windows\Cookies]
03/11/2012 13:36 <JUNCTION> Local Settings [C:\Users\work\AppData\Local]
03/11/2012 13:36 <JUNCTION> My Documents [C:\Users\work\Documents]
03/11/2012 13:36 <JUNCTION> NetHood [C:\Users\work\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
03/11/2012 13:36 <JUNCTION> PrintHood [C:\Users\work\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/11/2012 13:36 <JUNCTION> Recent [C:\Users\work\AppData\Roaming\Microsoft\Windows\Recent]
03/11/2012 13:36 <JUNCTION> SendTo [C:\Users\work\AppData\Roaming\Microsoft\Windows\SendTo]
03/11/2012 13:36 <JUNCTION> Start Menu [C:\Users\work\AppData\Roaming\Microsoft\Windows\Start Menu]
03/11/2012 13:36 <JUNCTION> Templates [C:\Users\work\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\work\AppData\Local
03/11/2012 13:36 <JUNCTION> Application Data [C:\Users\work\AppData\Local]
03/11/2012 13:36 <JUNCTION> History [C:\Users\work\AppData\Local\Microsoft\Windows\History]
03/11/2012 13:36 <JUNCTION> Temporary Internet Files [C:\Users\work\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\work\AppData\LocalLow
03/11/2012 13:38 <JUNCTION> PlayReady [C:\ProgramData\Microsoft\PlayReady]
0 File(s) 0 bytes
Directory of C:\Users\work\Documents
03/11/2012 13:36 <JUNCTION> My Music [C:\Users\work\Music]
03/11/2012 13:36 <JUNCTION> My Pictures [C:\Users\work\Pictures]
03/11/2012 13:36 <JUNCTION> My Videos [C:\Users\work\Videos]
0 File(s) 0 bytes
Directory of C:\Users\work pleas
31/10/2012 21:43 <JUNCTION> Application Data [C:\Users\work pleas\AppData\Roaming]
31/10/2012 21:43 <JUNCTION> Cookies [C:\Users\work pleas\AppData\Roaming\Microsoft\Windows\Cookies]
31/10/2012 21:43 <JUNCTION> Local Settings [C:\Users\work pleas\AppData\Local]
31/10/2012 21:43 <JUNCTION> My Documents [C:\Users\work pleas\Documents]
31/10/2012 21:43 <JUNCTION> NetHood [C:\Users\work pleas\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
31/10/2012 21:43 <JUNCTION> PrintHood [C:\Users\work pleas\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
31/10/2012 21:43 <JUNCTION> Recent [C:\Users\work pleas\AppData\Roaming\Microsoft\Windows\Recent]
31/10/2012 21:43 <JUNCTION> SendTo [C:\Users\work pleas\AppData\Roaming\Microsoft\Windows\SendTo]
31/10/2012 21:43 <JUNCTION> Start Menu [C:\Users\work pleas\AppData\Roaming\Microsoft\Windows\Start Menu]
31/10/2012 21:43 <JUNCTION> Templates [C:\Users\work pleas\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\work pleas\AppData\Local
31/10/2012 21:43 <JUNCTION> Application Data [C:\Users\work pleas\AppData\Local]
31/10/2012 21:43 <JUNCTION> History [C:\Users\work pleas\AppData\Local\Microsoft\Windows\History]
31/10/2012 21:43 <JUNCTION> Temporary Internet Files [C:\Users\work pleas\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\work pleas\AppData\LocalLow
31/10/2012 21:48 <JUNCTION> PlayReady [C:\ProgramData\Microsoft\PlayReady]
0 File(s) 0 bytes
Directory of C:\Users\work pleas\Documents
31/10/2012 21:43 <JUNCTION> My Music [C:\Users\work pleas\Music]
31/10/2012 21:43 <JUNCTION> My Pictures [C:\Users\work pleas\Pictures]
31/10/2012 21:43 <JUNCTION> My Videos [C:\Users\work pleas\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile
23/10/2008 14:59 <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
23/10/2008 14:59 <JUNCTION> Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies]
23/10/2008 14:59 <JUNCTION> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
03/07/2012 19:33 <JUNCTION> My Documents [C:\Windows\system32\config\systemprofile\Documents]
03/07/2012 19:33 <JUNCTION> NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
03/07/2012 19:33 <JUNCTION> PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/07/2012 19:33 <JUNCTION> Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
03/07/2012 19:33 <JUNCTION> SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
03/07/2012 19:33 <JUNCTION> Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
03/07/2012 19:33 <JUNCTION> Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local
23/10/2008 14:59 <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
23/10/2008 14:59 <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
23/10/2008 14:59 <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\Documents
03/07/2012 19:33 <JUNCTION> My Music [C:\Windows\system32\config\systemprofile\Music]
03/07/2012 19:33 <JUNCTION> My Pictures [C:\Windows\system32\config\systemprofile\Pictures]
03/07/2012 19:33 <JUNCTION> My Videos [C:\Windows\system32\config\systemprofile\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
200 Dir(s) 126,644,178,944 bytes free

========== Alternate Data Streams ==========

@Alternate Data Stream - 160 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >

[Phel]

Hey, what's up with problem?

[azza261]

Unfortunatly its still there and saying the same thing

[Phel]

Have you downloaded AdwCleaner via your mobile?

I'd like you to download one tool (again in mp3 format, since malware is preventing you from downloading executable files). Let's see what it will show us.

Please, follow these steps:

• Download 1234.mp3 (right mouse click on the link -> Save target as...) to your desktop.
• Rename 1234.mp3 to aswMBR.exe (don't forget to change extension from .mp3 to .exe).
• Double click the aswMBR.exe to run it.
  
  
  
• Click the [Scan] button to start scan.
  
  
  
• On completion of the scan click [Save log], save it to your desktop and post in your next reply.

[azza261]

hi there yes it is just the same as before i am having to download it on my phone still.




aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-08-19 15:55:21
-----------------------------
15:55:21.268 OS Version: Windows 6.0.6002 Service Pack 2
15:55:21.268 Number of processors: 2 586 0xF0D
15:55:21.270 ComputerName: VICKY-PC UserName: Vicky
15:55:37.898 Initialize success
15:56:01.149 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
15:56:01.152 Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
15:56:01.345 Disk 0 MBR read successfully
15:56:01.350 Disk 0 MBR scan
15:56:01.353 Disk 0 Windows VISTA default MBR code
15:56:01.357 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
15:56:01.381 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10000 MB offset 81920
15:56:01.393 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 292644 MB offset 20561920
15:56:01.397 Disk 0 Partition - 00 0F Extended LBA 2559 MB offset 619898880
15:56:01.518 Disk 0 Partition 4 00 DD MSDOS5.0 2558 MB offset 619900928
15:56:01.523 Disk 0 scanning sectors +625139712
15:56:01.716 Disk 0 scanning C:\Windows\system32\drivers
15:56:10.690 Service scanning
15:57:06.274 Modules scanning
15:57:30.432 Disk 0 trace - called modules:
15:57:30.752 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
15:57:30.758 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86453ac8]
15:57:30.765 3 CLASSPNP.SYS[8ada28b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85907030]
15:57:30.772 Scan finished successfully
15:58:53.078 Disk 0 MBR has been saved successfully to "C:\Users\Vicky\Desktop\MBR.dat"
15:58:53.087 The log file has been saved successfully to "C:\Users\Vicky\Desktop\aswMBR.txt"

[Phel]

Does it still show you message that downloaded file is infected and was deleted or just blocking downloading without any messages?

[azza261]

yes it says contained a virus and was deleted

[Phel]

I'm sorry, that one day went and we still don't have any improvements on your problem. Your case is quite unusual, so it can take some more time to search for solution.

Are you able to access this folder?

C:\Program Files\Windows Defender\en-US

I'd like you to run new OTL scan.

• Run OTL.
• Click on the None button.
• Under the Custom Scans/Fixes box at the bottom, paste in the following:
  
  

  netsvcs
  /md5start
  services.*
  explorer.exe
  winlogon.exe
  Userinit.exe
  svchost.exe
  /md5stop
  c:\windows\system32\drivers\*.sys /200

• Then click the Run Scan button at the top.
• Let the program run unhindered.
• When the scan completes, it will open notepad window - OTL.Txt. This is saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of this file, one at a time and post them in your topic.

[azza261]

no thank you i am glad you are helping me yes i can get into windows defender

[azza261]

OTL logfile created on: 19/08/2013 20:03:18 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vicky\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.99 Gb Total Physical Memory | 1.46 Gb Available Physical Memory | 48.67% Memory free
6.18 Gb Paging File | 4.53 Gb Available in Paging File | 73.28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285.79 Gb Total Space | 119.40 Gb Free Space | 41.78% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 4.64 Gb Free Space | 47.47% Space Free | Partition Type: NTFS
Drive E: | 507.52 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: VICKY-PC | User Name: Vicky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/18 18:24:40 | 001,643,184 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
PRC - [2013/08/18 13:10:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vicky\Desktop\OTL.exe
PRC - [2013/06/12 13:06:23 | 000,814,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe
PRC - [2013/05/28 14:05:16 | 000,163,328 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe
PRC - [2012/09/28 15:19:16 | 007,392,648 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2012/06/26 19:17:14 | 006,380,400 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\BitTorrent.exe
PRC - [2012/06/11 17:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2012/04/06 16:05:54 | 000,559,736 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\My Image Garden\cnmigmain.exe
PRC - [2012/04/03 13:33:00 | 000,940,168 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Quick Menu\CNQMSWCS.EXE
PRC - [2012/04/03 13:27:16 | 001,087,608 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
PRC - [2012/04/03 13:26:14 | 001,273,448 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/15 17:12:48 | 001,226,024 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DellDock.exe
PRC - [2008/05/04 10:25:32 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/05/04 10:25:26 | 000,167,936 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2008/05/04 10:25:26 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008/05/04 10:25:26 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2008/05/02 20:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/03/04 06:05:24 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2008/02/22 23:01:38 | 001,193,240 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2008/01/21 03:24:43 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
PRC - [2008/01/21 03:23:43 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe
PRC - [2007/12/21 16:58:06 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/11/12 12:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/11/12 12:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/03/21 19:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/03/21 19:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/19 16:20:20 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\7ae268d4c2071d1151ec8e02cd39a3aa\System.Runtime.Remoting.ni.dll
MOD - [2013/08/19 16:20:10 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\44d87641535e186f4a7fc9c469bc73dd\System.Xaml.ni.dll
MOD - [2013/08/19 15:54:39 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\4f02f7d34c4fd0dc58ce1dffb5b424f9\PresentationFramework.Aero.ni.dll
MOD - [2013/08/19 15:54:30 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d013570491e3ed864b97675527fdd9d8\PresentationFramework.ni.dll
MOD - [2013/08/19 15:54:23 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\da18beba41f700dd4c71a3f5464c4342\System.Configuration.ni.dll
MOD - [2013/08/19 15:54:20 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\0835155203a99b6a9bb540629920da0d\System.Xml.ni.dll
MOD - [2013/08/19 15:54:13 | 007,053,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\3c2edeaaa3e117b0375bacf8fd971b1e\System.Core.ni.dll
MOD - [2013/08/19 15:54:05 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9ea1cf89cf1897b6b2eeee51ef39b6b9\PresentationCore.ni.dll
MOD - [2013/08/19 15:54:00 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\6da40f01a719972f3242d3c374e499c5\System.Windows.Forms.ni.dll
MOD - [2013/08/19 15:53:50 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\bc21753d988d4f70f77cd2febb84833c\WindowsBase.ni.dll
MOD - [2013/08/19 15:53:47 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\7e3570a0cc71998e14e7adb8e4ea0cbb\System.Drawing.ni.dll
MOD - [2013/08/19 15:53:45 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\fc16a5cafc433e6d942e9bd5b14fbeaf\System.ni.dll
MOD - [2013/08/19 15:53:34 | 014,418,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c799474a067f07ef3a167d75029fa012\mscorlib.ni.dll
MOD - [2013/08/18 00:40:39 | 015,881,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MenuSkinning\46fe685d21a2d619a116fc0fc983851a\MenuSkinning.ni.dll
MOD - [2013/08/18 00:40:19 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\59eba2680c01c33b2b3f5385979e32c6\System.Web.ni.dll
MOD - [2013/08/18 00:40:04 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b167ef6967ad27503c6ac6aabcef1aff\System.Runtime.Remoting.ni.dll
MOD - [2013/08/18 00:39:44 | 000,284,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\c4f0433ae88d0910d821fc8c8b09695f\VistaBridgeLibrary.ni.dll
MOD - [2013/08/18 00:39:38 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\e77e7cdf3072d5a658832b8863ff439e\System.Management.ni.dll
MOD - [2013/08/18 00:39:36 | 002,261,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DellDock\1b257aa780e5e1f778ce510b1a87c166\DellDock.ni.exe
MOD - [2013/08/18 00:39:34 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\2489d385d8d2ce2d7f8bc75fe41a8d66\MyDock.Util.ni.dll
MOD - [2013/08/18 00:39:13 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9092960402154cf69c694786ae1049b3\System.Configuration.ni.dll
MOD - [2013/08/18 00:22:23 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll
MOD - [2013/08/18 00:22:04 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f575e4c534a93294c72fea670ca73492\System.Windows.Forms.ni.dll
MOD - [2013/08/18 00:21:51 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll
MOD - [2013/08/18 00:20:22 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll
MOD - [2013/07/15 17:37:40 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\05034abc5246a6fef208f73cb912d971\Accessibility.ni.dll
MOD - [2013/07/15 17:29:28 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
MOD - [2008/07/03 13:28:14 | 000,055,808 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll


========== Services (SafeList) ==========

SRV - [2013/08/18 18:24:40 | 001,643,184 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe -- (vToolbarUpdater15.5.0)
SRV - [2013/05/28 14:05:16 | 000,163,328 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/28 15:19:16 | 007,392,648 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/11 17:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 17:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2010/10/22 10:53:41 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2010/10/18 18:22:43 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2008/05/02 20:09:04 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/12 12:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/11/12 12:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/03/21 19:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Webroot\Washer\wrssweep.sys -- (wrssweep)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\netaapl.sys -- (Netaapl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013/08/18 18:24:40 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2010/10/18 18:22:46 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/10/18 18:22:46 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/01/19 12:49:50 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2010/01/19 12:49:50 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2010/01/19 12:49:50 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2010/01/19 12:49:50 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2009/05/12 10:40:15 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008/07/03 13:28:02 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/06/23 13:45:44 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008/05/04 10:25:24 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/03/17 10:05:30 | 000,101,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/03/06 08:58:44 | 000,111,616 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008/03/04 06:05:34 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2008/03/04 06:05:18 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2008/01/21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/11/12 12:07:28 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/09/06 17:35:16 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/09/06 17:35:14 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/09/06 17:35:12 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/02 08:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{4DB65B04-174C-4C09-691C-331B7382B660}: "URL" = http://feed.snap.do/...q={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUK
IE - HKLM\..\SearchScopes\{838BF40B-FD99-4F37-8A9B-2CF9B3D9E46C}: "URL" = http://search.sky.co...m={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=uk&ibd=5081023
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{050C47B0-9D1C-44DB-AE13-D4B6D2CDF760}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{4DB65B04-174C-4C09-691C-331B7382B660}: "URL" = http://search.babylo...00000234d80dcfd
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{FDF57497-04CA-49ED-A2C8-7811E39519F7}: "URL" = http://www.mysearchr...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)


[2012/06/26 18:22:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\extensions
[2013/08/17 17:14:00 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2013/08/17 17:14:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2013/01/30 21:07:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions
[2013/01/30 21:07:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions
[2013/08/17 17:14:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\[email protected]
[2013/08/17 17:14:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\[email protected]
[2013/01/30 21:07:03 | 000,216,743 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\[email protected]
[2012/07/29 15:37:16 | 000,221,380 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\[email protected]
[2012/08/17 21:54:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www1.delta-se...123511&tsp=4961

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [HF_G_Jul] "C:\Program Files\AVG Secure Search\HF_G_Jul.exe" /DoAction File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 File not found
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1BC3F55E-ECB3-4F96-BE7D-B931B56006C2}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{368EED3A-A405-467B-A691-8FCE285C7384}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70AE71F1-5201-4B51-A8B2-5ED6B8C35DE4}: DhcpNameServer = 88.82.13.12 88.82.13.12
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Vicky\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Vicky\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/11/13 17:20:10 | 000,000,170 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{05454490-fecb-11dd-8718-00219bf82473}\Shell - "" = AutoRun
O33 - MountPoints2\{05454490-fecb-11dd-8718-00219bf82473}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2ec2f99a-dad9-11df-8b30-00234d80dcfd}\Shell - "" = AutoRun
O33 - MountPoints2\{2ec2f99a-dad9-11df-8b30-00234d80dcfd}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3f0e6687-be45-11dd-a52e-00234d80dcfd}\Shell - "" = AutoRun
O33 - MountPoints2\{3f0e6687-be45-11dd-a52e-00234d80dcfd}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3f0e66bc-be45-11dd-a52e-00219bf82473}\Shell - "" = AutoRun
O33 - MountPoints2\{3f0e66bc-be45-11dd-a52e-00219bf82473}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3f0e66be-be45-11dd-a52e-00219bf82473}\Shell - "" = AutoRun
O33 - MountPoints2\{3f0e66be-be45-11dd-a52e-00219bf82473}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{4df5f306-7200-11de-a61d-00219bf82473}\Shell - "" = AutoRun
O33 - MountPoints2\{4df5f306-7200-11de-a61d-00219bf82473}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{518f9419-a0dc-11dd-b682-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{518f9419-a0dc-11dd-b682-806e6f6e6963}\Shell\AutoRun\command - "" = E:\MSETUP4.EXE -- [2012/03/16 14:50:44 | 000,363,120 | R--- | M] (CANON INC.)
O33 - MountPoints2\{830c52f4-be43-11dd-ae27-00234d80dcfd}\Shell - "" = AutoRun
O33 - MountPoints2\{830c52f4-be43-11dd-ae27-00234d80dcfd}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{bd0a0514-70a3-11de-a7ba-00219bf82473}\Shell - "" = AutoRun
O33 - MountPoints2\{bd0a0514-70a3-11de-a7ba-00219bf82473}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

========== Files/Folders - Created Within 30 Days ==========

[2013/08/19 15:54:20 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Vicky\Desktop\aswMBR.exe
[2013/08/18 22:25:23 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/08/18 18:32:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMIG
[2013/08/18 13:14:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Vicky\Desktop\OTL.exe
[2013/08/18 12:47:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/08/18 00:50:45 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Canon
[2013/08/18 00:50:33 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2013/08/18 00:50:31 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJQuickMenu
[2013/08/18 00:50:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEGV
[2013/08/18 00:45:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP230 series User Registration
[2013/08/18 00:43:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2013/08/18 00:43:35 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2013/08/18 00:36:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2013/08/18 00:36:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP230 series Manual
[2013/08/18 00:35:12 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2013/08/18 00:34:36 | 000,000,000 | -H-D | C] -- C:\Windows\System32\CanonIJ Uninstaller Information
[2013/08/18 00:34:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP230 series
[2013/08/18 00:33:37 | 000,320,000 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC_B5L.dll
[2013/08/18 00:33:37 | 000,266,752 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC_B5C.dll
[2013/08/18 00:33:37 | 000,096,768 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC_B5I.dll
[2013/08/18 00:33:37 | 000,015,872 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNHMCA.dll
[2013/08/18 00:32:36 | 000,314,880 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMLMB5.DLL
[2013/08/18 00:32:06 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2013/08/18 00:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2013/08/18 00:10:42 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/08/18 00:10:40 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/08/18 00:10:40 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/08/18 00:10:40 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/08/18 00:10:40 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/08/18 00:10:36 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/08/18 00:10:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/08/18 00:10:35 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/08/17 23:04:19 | 000,000,000 | -HSD | C] -- C:\found.000
[2013/08/16 21:10:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2013/08/15 19:14:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/08/04 15:31:32 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\OpenOffice.org
[2013/08/04 15:27:10 | 000,000,000 | ---D | C] -- C:\Users\Vicky\Desktop\OpenOffice.org 3.4.1 (en-US) Installation Files
[2013/08/04 15:05:24 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\SoftGrid Client
[2013/08/04 15:04:41 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\SoftGrid Client
[2013/08/04 15:01:58 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\TP
[2013/08/04 14:41:11 | 000,000,000 | ---D | C] -- C:\Program Files\Amazon
[2013/07/31 18:17:14 | 000,000,000 | ---D | C] -- C:\Users\Vicky\{776d0f5f-79f0-46cb-ba05-582091ad41d2}
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/08/19 20:06:26 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/19 19:25:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/19 19:00:56 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/19 19:00:56 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/19 17:07:41 | 000,609,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/08/19 17:07:41 | 000,108,672 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/08/19 17:04:58 | 000,001,791 | ---- | M] () -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk
[2013/08/19 17:03:47 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/19 17:03:46 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013/08/19 17:00:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/19 16:59:47 | 000,000,275 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013/08/19 15:58:53 | 000,000,512 | ---- | M] () -- C:\Users\Vicky\Desktop\MBR.dat
[2013/08/19 15:58:19 | 000,044,032 | ---- | M] () -- C:\Users\Vicky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/08/19 15:53:31 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Vicky\Desktop\aswMBR.exe
[2013/08/18 22:33:44 | 000,666,633 | ---- | M] () -- C:\Users\Vicky\Desktop\AdwCleaner.exe
[2013/08/18 18:24:40 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013/08/18 13:10:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vicky\Desktop\OTL.exe
[2013/08/18 00:52:27 | 000,002,624 | ---- | M] () -- C:\Users\Vicky\AppData\Roaming\wklnhst.dat
[2013/08/18 00:43:40 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\Canon Quick Menu.lnk
[2013/08/18 00:35:57 | 000,002,133 | ---- | M] () -- C:\Users\Public\Desktop\Canon MP230 series On-screen Manual.lnk
[2013/08/17 21:52:46 | 000,021,504 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2013/08/04 16:32:33 | 000,095,107 | ---- | M] () -- C:\Users\Vicky\Documents\polarzone.odt
[2013/07/31 17:30:35 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/28 18:20:31 | 000,001,105 | ---- | M] () -- C:\Users\Vicky\Documents\Recent Items.lnk
[2013/07/25 03:32:35 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/07/25 03:25:30 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/07/25 03:24:39 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/07/25 03:24:24 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/07/25 03:23:59 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/07/25 03:23:27 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/07/25 03:22:35 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/07/25 03:22:04 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/19 15:58:53 | 000,000,512 | ---- | C] () -- C:\Users\Vicky\Desktop\MBR.dat
[2013/08/18 22:35:55 | 000,000,275 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013/08/18 22:34:34 | 000,666,633 | ---- | C] () -- C:\Users\Vicky\Desktop\AdwCleaner.exe
[2013/08/18 14:50:20 | 000,001,929 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk
[2013/08/18 14:50:20 | 000,001,815 | ---- | C] () -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
[2013/08/18 00:43:40 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\Canon Quick Menu.lnk
[2013/08/18 00:35:57 | 000,002,133 | ---- | C] () -- C:\Users\Public\Desktop\Canon MP230 series On-screen Manual.lnk
[2013/08/18 00:33:37 | 000,073,984 | ---- | C] () -- C:\Windows\System32\CNC175FD.TBL
[2013/08/04 16:32:31 | 000,095,107 | ---- | C] () -- C:\Users\Vicky\Documents\polarzone.odt
[2013/07/28 18:20:31 | 000,001,105 | ---- | C] () -- C:\Users\Vicky\Documents\Recent Items.lnk
[2013/03/09 09:28:36 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/08/27 15:42:04 | 000,000,146 | ---- | C] () -- C:\Windows\WININIT.INI
[2009/06/10 16:43:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/02/10 00:03:57 | 000,002,624 | ---- | C] () -- C:\Users\Vicky\AppData\Roaming\wklnhst.dat
[2008/12/11 22:28:26 | 000,005,972 | ---- | C] () -- C:\Users\Vicky\AppData\Local\d3d9caps.dat
[2008/11/29 19:22:58 | 000,044,032 | ---- | C] () -- C:\Users\Vicky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< MD5 for: EXPLORER.EXE >
[2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SERVICES >
[2006/09/18 22:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\System32\drivers\etc\services
[2006/09/18 22:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\services

< MD5 for: SERVICES.EXE >
[2008/01/21 03:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009/04/11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2006/11/02 13:40:53 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\System32\en-US\services.exe.mui
[2006/11/02 13:40:53 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_67c6851b290a1ced\services.exe.mui

< MD5 for: SERVICES.LNK >
[2008/01/21 03:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/21 03:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOCHIADS.COM.SOL >
[2013/08/08 21:19:17 | 000,000,351 | ---- | M] () MD5=EDEE865FBD90910E93F10DCFE9FA14C7 -- C:\Windows\System32\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\7LRBP3BN\mochiads.com\services.mochiads.com.sol

< MD5 for: SERVICES.MOF >
[2006/09/18 22:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2006/09/18 22:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.mof
[2006/09/18 22:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.mof

< MD5 for: SERVICES.MSC >
[2006/11/02 13:41:29 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2006/09/18 22:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2006/11/02 13:41:29 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a2085506ff73b6e0\services.msc
[2006/09/18 22:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_cf63e2a445bae4e3\services.msc

< MD5 for: SVCHOST.EXE >
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< c:\windows\system32\drivers\*.sys /200 >
[2013/08/18 18:24:40 | 000,037,664 | ---- | M] (AVG Technologies) -- c:\windows\system32\drivers\avgtpx86.sys
[2013/04/15 15:20:04 | 000,638,328 | ---- | M] (Microsoft Corporation) -- c:\windows\system32\drivers\dxgkrnl.sys
[2013/03/03 20:07:52 | 001,082,232 | ---- | M] (Microsoft Corporation) -- c:\windows\system32\drivers\ntfs.sys
[2013/07/05 05:53:33 | 000,905,664 | ---- | M] (Microsoft Corporation) -- c:\windows\system32\drivers\tcpip.sys
[2013/06/15 12:23:33 | 000,024,064 | ---- | M] (Microsoft Corporation) -- c:\windows\system32\drivers\tssecsrv.sys
[2013/02/12 02:57:27 | 000,015,872 | ---- | M] (Microsoft Corporation) -- c:\windows\system32\drivers\usb8023.sys
[2013/02/12 02:57:27 | 000,015,872 | ---- | M] (Microsoft Corporation) -- c:\windows\system32\drivers\usb8023x.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 160 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >

[Phel]

Download RogueKiller to your desktop

Note: This is a French tool so don't be surprised when you find the page displays with some French.

• Quit all running programs
• For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
• Wait until Prescan has finished...
• Click on Scan
  
  
  
• Wait for the scan to finish.
• The report is created on your desktop.

Please post the contents of all the RKreport.txt files from your desktop in your next Reply.