Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Lots of things not running right ... Windows Vista

Started by karenmike , Oct 22 2013 03:37 PM

  • Please log in to reply

#1
karenmike
Posted 22 October 2013 - 03:37 PM

karenmike

    New Member

  • Member
  • Pip
  • 3 posts
There are a lot of things going wrong with this computer and it's peripherals ... more than our friend can clean out and identify so please help.

OTL logfile created on: 10/22/2013 4:41:14 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Karen\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.25 Gb Available Physical Memory | 13.44% Memory free
3.98 Gb Paging File | 1.24 Gb Available in Paging File | 31.20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289.31 Gb Total Space | 50.85 Gb Free Space | 17.58% Space Free | Partition Type: NTFS
Drive D: | 8.78 Gb Total Space | 0.96 Gb Free Space | 10.88% Space Free | Partition Type: NTFS

Computer Name: MIKE-PC | User Name: Karen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/22 16:40:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Karen\Downloads\OTL.exe
PRC - [2013/10/18 07:14:22 | 001,162,280 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fssm32.exe
PRC - [2013/10/18 07:14:21 | 000,621,608 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
PRC - [2013/10/15 13:52:43 | 002,404,376 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
PRC - [2013/10/14 21:14:25 | 000,166,352 | ---- | M] (APN LLC.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013/10/14 21:14:17 | 001,673,680 | ---- | M] (APN) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2013/10/10 18:54:44 | 000,120,088 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2013/10/07 19:54:20 | 004,908,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2013/10/05 12:16:33 | 001,734,680 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
PRC - [2013/10/05 12:16:30 | 000,159,768 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe
PRC - [2013/10/03 22:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe
PRC - [2013/09/25 21:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2013/09/22 07:57:32 | 003,470,624 | ---- | M] (Conduit) -- C:\Users\Karen\AppData\Roaming\SearchProtect\bin\cltmng.exe
PRC - [2013/09/15 23:08:30 | 000,895,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe
PRC - [2013/09/03 22:22:16 | 000,588,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe
PRC - [2013/09/02 11:19:00 | 000,669,232 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe
PRC - [2013/08/22 22:03:40 | 003,233,806 | ---- | M] () -- C:\Program Files\Tor\tor.exe
PRC - [2013/08/20 23:03:42 | 000,728,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgrsx.exe
PRC - [2013/08/14 08:23:06 | 000,310,208 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE
PRC - [2013/08/14 08:23:06 | 000,216,000 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE
PRC - [2013/07/09 15:31:22 | 000,060,352 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe
PRC - [2013/07/03 07:47:30 | 003,161,648 | ---- | M] (VS Revo Group) -- C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
PRC - [2013/06/25 04:55:09 | 000,427,520 | ---- | M] (Roozz) -- C:\Program Files\Roozz\Updater.exe
PRC - [2013/06/22 15:30:28 | 034,220,352 | ---- | M] (SlimWare Utilities, Inc.) -- C:\Program Files\DriverUpdate\DriverUpdate.exe
PRC - [2013/05/15 16:05:58 | 000,191,424 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Charter Security Suite\fshoster32.exe
PRC - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/05/08 02:18:34 | 000,097,056 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe
PRC - [2013/04/04 14:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012/09/11 12:13:04 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.287\SSScheduler.exe
PRC - [2012/08/18 11:17:40 | 000,043,912 | ---- | M] (WebEx Communications, Inc.) -- C:\WINDOWS\System32\atashost.exe
PRC - [2011/10/25 10:59:16 | 000,244,960 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/01/14 22:20:04 | 000,415,072 | ---- | M] () -- C:\Program Files\Dyyno\Dyyno Broadcaster\launcherd.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/01 11:38:48 | 004,390,912 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
PRC - [2007/02/15 06:59:00 | 000,118,784 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
PRC - [2006/12/21 23:54:29 | 000,372,736 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\hpzstub.exe
PRC - [2006/12/21 23:54:20 | 000,407,128 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\setup\hpzpsl01.exe
PRC - [2006/12/21 23:44:58 | 000,792,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\hpzsetup.exe
PRC - [2006/12/21 23:39:08 | 000,411,224 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\setup\hpzcdl01.exe
PRC - [2006/09/28 09:42:24 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/15 13:52:43 | 002,404,376 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
MOD - [2013/10/12 11:04:14 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f453ecc6bb7fc8d52d61247676944623\System.Configuration.ni.dll
MOD - [2013/10/12 10:54:46 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll
MOD - [2013/10/12 10:54:19 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f228cc72a6647716127cd44ca416e6dc\PresentationFramework.ni.dll
MOD - [2013/10/12 10:53:58 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\b2482534bee5c520cdfe9c8f7df6a92f\PresentationCore.ni.dll
MOD - [2013/10/12 10:53:39 | 003,325,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c16ade1485996fa4981edc7df436a15b\WindowsBase.ni.dll
MOD - [2013/10/08 20:02:43 | 000,415,184 | ---- | M] () -- C:\Users\Karen\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
MOD - [2013/10/08 20:02:42 | 013,584,336 | ---- | M] () -- C:\Users\Karen\AppData\Local\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
MOD - [2013/10/08 20:02:41 | 004,055,504 | ---- | M] () -- C:\Users\Karen\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013/10/08 20:01:47 | 001,604,560 | ---- | M] () -- C:\Users\Karen\AppData\Local\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2013/10/05 12:16:37 | 000,519,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\log4cplusU.dll
MOD - [2013/10/05 12:16:37 | 000,142,360 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\SiteSafety.dll
MOD - [2013/08/15 04:08:53 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\e77e7cdf3072d5a658832b8863ff439e\System.Management.ni.dll
MOD - [2013/08/15 04:06:48 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\59eba2680c01c33b2b3f5385979e32c6\System.Web.ni.dll
MOD - [2013/08/15 04:06:37 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b167ef6967ad27503c6ac6aabcef1aff\System.Runtime.Remoting.ni.dll
MOD - [2013/08/15 04:04:06 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\afb5e0ae4a83bc177905210947ee8b87\System.Xml.ni.dll
MOD - [2013/08/15 04:03:14 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll
MOD - [2013/08/15 04:02:38 | 006,622,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\1eff630f4194c74287d1dd4a859693f7\System.Data.ni.dll
MOD - [2013/08/15 04:00:43 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll
MOD - [2013/08/14 08:22:50 | 000,056,256 | ---- | M] () -- C:\Program Files\Charter Security Suite\apps\ComputerSecurity\FSGUI\fsavures.eng
MOD - [2013/08/14 08:22:48 | 000,154,560 | ---- | M] () -- C:\Program Files\Charter Security Suite\apps\ComputerSecurity\FSGUI\flyerres.eng
MOD - [2013/07/14 15:10:36 | 000,187,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\f28238b56c8b6401a428aa549b28a89a\UIAutomationTypes.ni.dll
MOD - [2013/07/14 14:32:24 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af7b745f6a06b800c73f1556553fe331\PresentationFramework.Aero.ni.dll
MOD - [2013/07/14 14:25:30 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
MOD - [2013/03/21 11:14:57 | 000,593,464 | ---- | M] () -- C:\WINDOWS\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/07/28 19:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2009/08/05 14:26:14 | 000,061,440 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2009/08/05 14:26:12 | 000,131,072 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2009/08/05 14:26:06 | 000,040,960 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2009/08/05 14:26:06 | 000,007,680 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2009/08/05 14:26:04 | 000,036,864 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2009/08/05 14:26:04 | 000,005,632 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2009/08/05 14:26:00 | 000,028,672 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2009/08/05 14:25:50 | 000,028,672 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2009/03/30 00:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2007/09/20 21:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - [2013/10/14 21:14:25 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013/10/10 18:54:44 | 000,120,088 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2013/10/05 12:16:33 | 001,734,680 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe -- (vToolbarUpdater17.0.12)
SRV - [2013/10/03 22:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/09/25 21:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/08/28 17:47:18 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/08/22 22:03:40 | 003,233,806 | ---- | M] () [Auto | Running] -- C:\Program Files\Tor\tor.exe -- (tor)
SRV - [2013/08/14 08:23:06 | 000,216,000 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)
SRV - [2013/07/09 15:31:22 | 000,060,352 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)
SRV - [2013/06/25 04:55:09 | 000,427,520 | ---- | M] (Roozz) [Auto | Running] -- C:\Program Files\Roozz\Updater.exe -- (Roozz Updater)
SRV - [2013/05/15 16:05:58 | 000,191,424 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Charter Security Suite\fshoster32.exe -- (fshoster)
SRV - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/05/08 02:18:34 | 000,097,056 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2012/09/11 12:12:18 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.287\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/08/18 11:17:40 | 000,043,912 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\WINDOWS\System32\atashost.exe -- (atashost)
SRV - [2011/10/25 10:59:16 | 000,244,960 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2011/01/14 22:20:04 | 000,415,072 | ---- | M] () [Auto | Running] -- C:\Program Files\Dyyno\Dyyno Broadcaster\launcherd.exe -- (Dyyno Launcher)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Unknown (-1) | Unknown (-1) | Unknown] -- -- (Updater Service for StartNow Toolbar)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/10/22 16:08:00 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2013/10/21 15:15:37 | 000,013,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2013/10/18 07:19:48 | 000,146,288 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2013/10/18 07:14:42 | 000,073,328 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\Charter Security Suite\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2013/10/13 13:28:00 | 000,044,240 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\fsbts.sys -- (fsbts)
DRV - [2013/10/05 12:16:38 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/09/25 20:57:14 | 000,120,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2013/09/10 22:11:44 | 000,022,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/09/08 22:12:16 | 000,027,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013/09/02 10:39:32 | 000,176,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013/09/02 10:28:06 | 000,145,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/09/02 10:28:04 | 000,209,208 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/09/02 10:28:00 | 000,223,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/08/20 22:54:04 | 000,102,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013/08/14 08:22:44 | 000,012,736 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2013/08/01 16:08:52 | 000,193,848 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013/04/25 12:52:40 | 000,066,496 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Charter Security Suite\apps\CCF_Scanning\fsni32.sys -- (fsni)
DRV - [2011/09/29 03:04:22 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/05/08 08:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 08:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/10/18 10:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/03/19 09:58:50 | 000,101,672 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007/02/10 20:18:00 | 007,409,024 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2006/11/02 03:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2005/12/12 13:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PS2.sys -- (Ps2)
DRV - [2005/08/17 07:47:48 | 000,073,696 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdserd.sys -- (sscdserd)
DRV - [2005/08/17 07:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005/08/17 07:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/08/17 07:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\sscdbus.sys -- (sscdbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...lion&pf=desktop
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
IE - HKLM\..\SearchScopes\{136A6348-D601-4D57-A77A-BF9231B38261}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{59978E0A-1C53-4D9A-A67F-D1473F7643AB}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{A1170105-04F3-4615-8626-95D3A4FCDED9}: "URL" = http://search.live.c...#38;FORM=HVDUS7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylo...000001bfca5897c
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.imesh.net
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {f92a9fe4-2850-4198-b9d5-279880e49b16} - No CLSID value found
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
IE - HKCU\..\SearchScopes\{136A6348-D601-4D57-A77A-BF9231B38261}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKCU\..\SearchScopes\{59978E0A-1C53-4D9A-A67F-D1473F7643AB}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKCU\..\SearchScopes\{68FB0431-1FDE-4F8C-AF95-AA007B352EC0}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg....sa&d=2013-09-08 15:38:43&v=17.0.1.12&pid=safeguard&sg=15&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{A1170105-04F3-4615-8626-95D3A4FCDED9}: "URL" = http://search.live.c...#38;FORM=HVDUS7
IE - HKCU\..\SearchScopes\{EFCF8DFF-292D-4FED-9250-18BED37345E0}: "URL" = http://search.condui...&ctid=CT1320680
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2629: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@Roozz.com/RoozzPlugin: C:\Program Files\Roozz\nproozz.dll (Roozz.com)
FF - HKLM\Software\MozillaPlugins\@vizzed.com/VizzedRGR: C:\Program Files\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll (Vizzed)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Karen\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Karen\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/12/10 20:02:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.0.2.13 [2013/10/15 13:53:28 | 000,000,000 | ---D | M]

[2012/08/16 12:03:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

========== Chrome ==========

CHR - homepage: true
CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://mysearch.avg....sa&d=2013-08-29 13:56:12&v=15.4.0.5&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://toolbar.avg.c...earchTerms}&o=1
CHR - homepage: http://mysearch.avg....sa&d=2013-08-29 13:56:12&v=15.4.0.5&pid=safeguard&sg=0&sap=hp
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Drive = C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Neon Lights = C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiljdmkckennnleegbmfddpbfnhfbjmm\0.9_0\
CHR - Extension: Neon Lights Interactive Theme = C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nemjindejndnepkdaeblngbnnbmloeoj\0.5.8_0\
CHR - Extension: No name found = C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.0.2.13\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (BFlix Toolbar) - {a6bf16ab-42a1-4bc5-965d-5e407e449aaa} - C:\Program Files\bflixtoolbar\vmntemplateX.dll ()
O2 - BHO: (Shop to Win) - {A7878997-94DC-4FC7-8AEC-3038972E4D85} - C:\Program Files\Shop to Win 23\Shop to Win 23.dll (Shop To Win, LLC)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.0.2.13\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (BFlix Toolbar) - {a6bf16ab-42a1-4bc5-965d-5e407e449aaa} - C:\Program Files\bflixtoolbar\vmntemplateX.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {F92A9FE4-2850-4198-B9D5-279880E49B16} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [F-Secure Hoster (42626)] C:\Program Files\Charter Security Suite\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKLM..\Run: [SnapfishMediaDetector] C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SearchProtect] C:\Users\Karen\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O4 - HKCU..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED File not found
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [removeiMeshtoolbar] cmd.exe /c RD /S /Q "C:\Program Files\iMesh Applications\MediaBar\Datamngr\ToolBar" File not found
O4 - HKLM..\RunOnce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "C:\Program Files\Searchqu Toolbar" File not found
O4 - HKLM..\RunOnce: [removeSearchqutoolbar] cmd.exe /c RD /S /Q "C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar" File not found
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.247.24.53 66.189.0.100 24.178.162.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0122B2E1-257D-4823-802A-3013F4A6370F}: DhcpNameServer = 24.247.24.53 66.189.0.100 24.178.162.3
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/04/23 19:59:56 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/22 16:25:30 | 000,000,000 | ---D | C] -- C:\Users\Karen\AppData\Roaming\SUPERAntiSpyware.com
[2013/10/22 16:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/10/22 16:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/10/22 16:07:47 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/10/22 16:06:13 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013/10/22 16:05:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/10/22 16:05:06 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/10/22 16:05:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/10/21 16:13:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/10/21 16:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/10/21 16:12:09 | 000,000,000 | ---D | C] -- C:\Users\Karen\AppData\Roaming\AVG2014
[2013/10/21 16:09:49 | 000,000,000 | ---D | C] -- C:\Users\Karen\AppData\Roaming\TuneUp Software
[2013/10/21 16:09:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/10/21 16:04:52 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/10/21 16:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
[2013/10/21 16:02:46 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2013/10/21 15:58:15 | 000,000,000 | ---D | C] -- C:\Users\Karen\AppData\Local\MFAData
[2013/10/21 15:58:15 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/10/21 15:58:15 | 000,000,000 | ---D | C] -- C:\Users\Karen\AppData\Local\Avg2014
[2013/10/21 15:27:32 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/10/21 15:27:32 | 000,000,000 | ---D | C] -- C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2013/10/21 15:18:14 | 028,128,376 | ---- | C] (SUPERAntiSpyware) -- C:\Users\Karen\Desktop\SUPERAntiSpyware.exe
[2013/10/21 15:18:13 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Karen\Desktop\mbam-setup-1.75.0.1300.exe
[2013/10/21 15:18:12 | 004,425,448 | ---- | C] (AVG Technologies) -- C:\Users\Karen\Desktop\avg_free_stb_all_2014_4116_cnet.exe
[2013/10/21 15:18:12 | 004,369,632 | ---- | C] (Piriform Ltd) -- C:\Users\Karen\Desktop\ccsetup406.exe
[2013/10/21 00:00:04 | 000,000,000 | ---D | C] -- C:\Users\Karen\AppData\Roaming\F-Secure
[2013/10/20 13:18:09 | 000,000,000 | ---D | C] -- C:\SearchProtect
[2013/10/18 08:00:14 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013/10/18 07:58:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2013/10/18 07:58:04 | 000,000,000 | ---D | C] -- C:\Program Files\AskPartnerNetwork
[2013/10/18 07:56:47 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/10/18 07:54:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/10/18 07:54:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/10/18 07:49:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/10/13 13:14:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Charter Security Suite
[2013/09/25 20:57:14 | 000,120,632 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgdiskx.sys
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/10/22 17:10:01 | 000,000,412 | ---- | M] () -- C:\Windows\tasks\ActiveMail Chrome Watcher.job
[2013/10/22 17:10:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{6A5DA839-64FF-46D5-8680-CF16EAD4CEC8}.job
[2013/10/22 17:03:52 | 000,149,052 | ---- | M] () -- C:\Windows\hpoins19.dat
[2013/10/22 17:00:21 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-454688464-3576213514-2880554878-1003UA.job
[2013/10/22 16:57:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-454688464-3576213514-2880554878-1001UA.job
[2013/10/22 16:48:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-454688464-3576213514-2880554878-1005UA.job
[2013/10/22 16:29:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-454688464-3576213514-2880554878-1000UA.job
[2013/10/22 16:19:00 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-454688464-3576213514-2880554878-1006UA.job
[2013/10/22 16:08:13 | 000,001,802 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/10/22 16:08:00 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013/10/22 16:05:18 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/10/22 15:15:57 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/22 15:15:57 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/22 12:48:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-454688464-3576213514-2880554878-1005Core.job
[2013/10/22 12:28:55 | 000,000,396 | ---- | M] () -- C:\Windows\tasks\ActiveMail Updater.job
[2013/10/22 07:58:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-454688464-3576213514-2880554878-1003Core.job
[2013/10/22 03:57:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-454688464-3576213514-2880554878-1001Core.job
[2013/10/22 00:00:41 | 000,000,596 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
[2013/10/21 21:29:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-454688464-3576213514-2880554878-1000Core.job
[2013/10/21 17:19:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-454688464-3576213514-2880554878-1006Core.job
[2013/10/21 16:56:56 | 000,054,862 | ---- | M] () -- C:\Users\Karen\Documents\cc_20131021_165638.reg
[2013/10/21 16:13:26 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/10/21 16:09:49 | 000,000,844 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2013/10/21 15:27:32 | 000,001,059 | ---- | M] () -- C:\Users\Karen\Desktop\Revo Uninstaller.lnk
[2013/10/21 15:21:06 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/10/21 15:21:06 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/10/21 15:17:42 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\DriverUpdate Startup.job
[2013/10/21 15:15:37 | 000,013,464 | ---- | M] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2013/10/21 15:14:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/21 14:18:02 | 004,369,632 | ---- | M] (Piriform Ltd) -- C:\Users\Karen\Desktop\ccsetup406.exe
[2013/10/21 14:17:44 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Karen\Desktop\mbam-setup-1.75.0.1300.exe
[2013/10/21 14:17:06 | 028,128,376 | ---- | M] (SUPERAntiSpyware) -- C:\Users\Karen\Desktop\SUPERAntiSpyware.exe
[2013/10/18 21:11:48 | 000,002,046 | ---- | M] () -- C:\Users\Karen\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/10/18 21:11:48 | 000,002,044 | ---- | M] () -- C:\Users\Karen\Desktop\Google Chrome.lnk
[2013/10/13 13:28:00 | 000,044,240 | ---- | M] () -- C:\Windows\System32\drivers\fsbts.sys
[2013/10/13 13:18:53 | 000,019,836 | ---- | M] () -- C:\Windows\prodsett_copy.ini
[2013/10/13 13:14:29 | 000,001,875 | ---- | M] () -- C:\Users\Public\Desktop\Charter Security Suite.lnk
[2013/10/13 09:11:34 | 004,425,448 | ---- | M] (AVG Technologies) -- C:\Users\Karen\Desktop\avg_free_stb_all_2014_4116_cnet.exe
[2013/10/12 10:52:49 | 003,680,912 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/10/05 12:16:38 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013/09/25 20:57:14 | 000,120,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgdiskx.sys
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/10/22 16:08:13 | 000,001,802 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/10/22 16:05:18 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/10/21 16:56:49 | 000,054,862 | ---- | C] () -- C:\Users\Karen\Documents\cc_20131021_165638.reg
[2013/10/21 16:13:26 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/10/21 16:09:49 | 000,000,844 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2013/10/21 15:27:32 | 000,001,059 | ---- | C] () -- C:\Users\Karen\Desktop\Revo Uninstaller.lnk
[2013/10/13 13:14:28 | 000,001,875 | ---- | C] () -- C:\Users\Public\Desktop\Charter Security Suite.lnk
[2013/08/29 11:29:54 | 000,013,464 | ---- | C] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2013/07/09 15:33:51 | 000,044,240 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
[2013/04/09 11:38:46 | 000,149,052 | ---- | C] () -- C:\Windows\hpoins19.dat
[2013/03/21 12:02:40 | 000,019,836 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2012/11/17 18:16:46 | 000,000,000 | ---- | C] () -- C:\ProgramData\0x0304A000.sfl
[2012/01/29 21:08:56 | 000,000,404 | ---- | C] () -- C:\Windows\PowerReg.dat
[2012/01/29 21:08:30 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2012/01/08 01:23:42 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011/12/26 12:45:03 | 000,013,824 | ---- | C] () -- C:\Users\Karen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/26 00:40:35 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2011/12/08 13:44:17 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/10/29 03:17:25 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/10/29 00:25:59 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/10/29 00:25:59 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/10/18 13:41:47 | 000,002,278 | ---- | C] () -- C:\Users\Karen\AppData\Roaming\wklnhst.dat
[2011/10/08 22:18:55 | 000,000,632 | RHS- | C] () -- C:\Users\Karen\ntuser.pol

========== ZeroAccess Check ==========

[2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/10/21 16:12:09 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\AVG2014
[2013/03/13 14:31:13 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\DriverCure
[2013/10/21 00:00:04 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\F-Secure
[2012/03/29 18:14:08 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\IObit
[2012/04/16 19:56:12 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\MusicNet
[2011/10/09 23:08:26 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\Panda Security
[2013/07/24 20:26:15 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\SearchProtect
[2011/10/08 22:19:23 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\Snapfish
[2013/03/13 14:31:13 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\SparkTrust
[2011/10/18 13:41:58 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\Template
[2013/10/21 16:09:49 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\TuneUp Software

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2013/07/21 19:21:01 | 000,000,000 | ---D | M](C:\ProgramData\?¢?¢Ä¢?¢8520-1533-40C5-AD09-953C574F14BCÄ¢?¢) -- C:\ProgramData\䊈¢㼸¢Ä¢㎘¢8520-1533-40C5-AD09-953C574F14BCÄ¢㡨¢
[2013/07/21 19:21:01 | 000,000,000 | ---D | M](C:\ProgramData\?¢?¢Ä¢?¢8520-1533-40C5-AD09-953C574F14BCÄ¢?¢) -- C:\ProgramData\䊈¢㼸¢Ä¢㎘¢8520-1533-40C5-AD09-953C574F14BCÄ¢㡨¢
[2013/07/18 11:27:21 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ǣ㼸ǣÄǣ㎘ǣ8520-1533-40C5-AD09-953C574F14BCÄǣ㡨ǣ
[2013/07/18 11:27:21 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ǣ㼸ǣÄǣ㎘ǣ8520-1533-40C5-AD09-953C574F14BCÄǣ㡨ǣ
[2013/07/16 21:21:35 | 000,000,000 | ---D | M](C:\ProgramData\?c?cÄc?c8520-1533-40C5-AD09-953C574F14BCÄc?c) -- C:\ProgramData\䊐ċ㽀ċÄċ㎠ċ8520-1533-40C5-AD09-953C574F14BCÄċ㡰ċ
[2013/07/16 21:21:35 | 000,000,000 | ---D | M](C:\ProgramData\?c?cÄc?c8520-1533-40C5-AD09-953C574F14BCÄc?c) -- C:\ProgramData\䊐ċ㽀ċÄċ㎠ċ8520-1533-40C5-AD09-953C574F14BCÄċ㡰ċ
[2013/07/16 12:38:05 | 000,000,000 | ---D | M](C:\ProgramData\?,?,Ä,?,8520-1533-40C5-AD09-953C574F14BCÄ,?,) -- C:\ProgramData\䊈,㼸,Ä,㎘,8520-1533-40C5-AD09-953C574F14BCÄ,㡨,
[2013/07/16 12:38:05 | 000,000,000 | ---D | M](C:\ProgramData\?,?,Ä,?,8520-1533-40C5-AD09-953C574F14BCÄ,?,) -- C:\ProgramData\䊈,㼸,Ä,㎘,8520-1533-40C5-AD09-953C574F14BCÄ,㡨,
[2013/07/14 14:25:44 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈‚㼸‚Ä‚㎘‚8520-1533-40C5-AD09-953C574F14BCÄ‚㡨‚
[2013/07/14 14:25:44 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈‚㼸‚Ä‚㎘‚8520-1533-40C5-AD09-953C574F14BCÄ‚㡨‚
[2013/07/11 20:18:17 | 000,000,000 | ---D | M](C:\ProgramData\?;?;Ä;?;8520-1533-40C5-AD09-953C574F14BCÄ;?;) -- C:\ProgramData\䊈;㼸;Ä;㎘;8520-1533-40C5-AD09-953C574F14BCÄ;㡨;
[2013/07/11 20:18:17 | 000,000,000 | ---D | M](C:\ProgramData\?;?;Ä;?;8520-1533-40C5-AD09-953C574F14BCÄ;?;) -- C:\ProgramData\䊈;㼸;Ä;㎘;8520-1533-40C5-AD09-953C574F14BCÄ;㡨;
[2013/07/11 18:54:59 | 000,000,000 | ---D | M](C:\ProgramData\?Å?ÅÄÅ?Å8520-1533-40C5-AD09-953C574F14BCÄÅ?Å) -- C:\ProgramData\䊐Å㽀ÅÄÅ㎠Å8520-1533-40C5-AD09-953C574F14BCÄÅ㡰Å
[2013/07/11 18:54:59 | 000,000,000 | ---D | M](C:\ProgramData\?Å?ÅÄÅ?Å8520-1533-40C5-AD09-953C574F14BCÄÅ?Å) -- C:\ProgramData\䊐Å㽀ÅÄÅ㎠Å8520-1533-40C5-AD09-953C574F14BCÄÅ㡰Å
[2013/07/11 18:45:29 | 000,000,000 | ---D | M](C:\ProgramData\?t?tÄt?t8520-1533-40C5-AD09-953C574F14BCÄt?t) -- C:\ProgramData\䊈t㼸tÄt㎘t8520-1533-40C5-AD09-953C574F14BCÄt㡨t
[2013/07/11 18:45:29 | 000,000,000 | ---D | M](C:\ProgramData\?t?tÄt?t8520-1533-40C5-AD09-953C574F14BCÄt?t) -- C:\ProgramData\䊈t㼸tÄt㎘t8520-1533-40C5-AD09-953C574F14BCÄt㡨t
[2013/07/09 14:44:47 | 000,000,000 | ---D | M](C:\ProgramData\?H?HÄH?H8520-1533-40C5-AD09-953C574F14BCÄH?H) -- C:\ProgramData\䊈H㼸HÄH㎘H8520-1533-40C5-AD09-953C574F14BCÄH㡨H
[2013/07/09 14:44:47 | 000,000,000 | ---D | M](C:\ProgramData\?H?HÄH?H8520-1533-40C5-AD09-953C574F14BCÄH?H) -- C:\ProgramData\䊈H㼸HÄH㎘H8520-1533-40C5-AD09-953C574F14BCÄH㡨H
[2013/07/09 13:37:29 | 000,000,000 | ---D | M](C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\䊈Ĝ㼸ĜÄĜ㎘Ĝ8520-1533-40C5-AD09-953C574F14BCÄĜ㡨Ĝ
[2013/07/09 13:37:29 | 000,000,000 | ---D | M](C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\䊈Ĝ㼸ĜÄĜ㎘Ĝ8520-1533-40C5-AD09-953C574F14BCÄĜ㡨Ĝ
[2013/07/08 17:47:41 | 000,000,000 | ---D | M](C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\䊈ǔ㼸ǔÄǔ㎘ǔ8520-1533-40C5-AD09-953C574F14BCÄǔ㡨ǔ
[2013/07/08 17:47:41 | 000,000,000 | ---D | M](C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\䊈ǔ㼸ǔÄǔ㎘ǔ8520-1533-40C5-AD09-953C574F14BCÄǔ㡨ǔ
[2013/07/01 18:15:04 | 000,000,000 | ---D | M](C:\ProgramData\?Ô?ÔÄÔ?Ô8520-1533-40C5-AD09-953C574F14BCÄÔ?Ô) -- C:\ProgramData\䊈Ô㼸ÔÄÔ㎘Ô8520-1533-40C5-AD09-953C574F14BCÄÔ㡨Ô
[2013/07/01 18:15:04 | 000,000,000 | ---D | M](C:\ProgramData\?Ô?ÔÄÔ?Ô8520-1533-40C5-AD09-953C574F14BCÄÔ?Ô) -- C:\ProgramData\䊈Ô㼸ÔÄÔ㎘Ô8520-1533-40C5-AD09-953C574F14BCÄÔ㡨Ô
[2013/07/01 18:09:48 | 000,000,000 | ---D | M](C:\ProgramData\?d?dÄd?d8520-1533-40C5-AD09-953C574F14BCÄd?d) -- C:\ProgramData\䊈đ㼸đÄđ㎘đ8520-1533-40C5-AD09-953C574F14BCÄđ㡨đ
[2013/07/01 18:09:48 | 000,000,000 | ---D | M](C:\ProgramData\?d?dÄd?d8520-1533-40C5-AD09-953C574F14BCÄd?d) -- C:\ProgramData\䊈đ㼸đÄđ㎘đ8520-1533-40C5-AD09-953C574F14BCÄđ㡨đ
[2013/06/29 23:03:21 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䊈Ǎ㼸ǍÄǍ㎘Ǎ8520-1533-40C5-AD09-953C574F14BCÄǍ㡨Ǎ
[2013/06/29 23:03:21 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䊈Ǎ㼸ǍÄǍ㎘Ǎ8520-1533-40C5-AD09-953C574F14BCÄǍ㡨Ǎ
[2013/06/24 21:17:19 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䊈ą㼸ąÄą㎘ą8520-1533-40C5-AD09-953C574F14BCÄą㡨ą
[2013/06/24 21:17:19 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䊈ą㼸ąÄą㎘ą8520-1533-40C5-AD09-953C574F14BCÄą㡨ą
[2013/06/18 18:04:25 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊐nj㽀njÄnj㎠nj8520-1533-40C5-AD09-953C574F14BCÄnj㡰nj
[2013/06/18 18:04:25 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊐nj㽀njÄnj㎠nj8520-1533-40C5-AD09-953C574F14BCÄnj㡰nj
[2013/06/18 10:25:37 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ǡ㼸ǡÄǡ㎘ǡ8520-1533-40C5-AD09-953C574F14BCÄǡ㡨ǡ
[2013/06/18 10:25:37 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ǡ㼸ǡÄǡ㎘ǡ8520-1533-40C5-AD09-953C574F14BCÄǡ㡨ǡ
[2013/06/13 15:26:17 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䊈ā㼸āÄā㎘ā8520-1533-40C5-AD09-953C574F14BCÄā㡨ā
[2013/06/13 15:26:17 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䊈ā㼸āÄā㎘ā8520-1533-40C5-AD09-953C574F14BCÄā㡨ā
[2013/06/12 21:06:50 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ƹ㼸ƹÄƹ㎘ƹ8520-1533-40C5-AD09-953C574F14BCÄƹ㡨ƹ
[2013/06/12 21:06:50 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ƹ㼸ƹÄƹ㎘ƹ8520-1533-40C5-AD09-953C574F14BCÄƹ㡨ƹ
[2013/06/08 20:07:01 | 000,000,000 | ---D | M](C:\ProgramData\?e?eÄe?e8520-1533-40C5-AD09-953C574F14BCÄe?e) -- C:\ProgramData\䋨ě㾘ěÄě㏸ě8520-1533-40C5-AD09-953C574F14BCÄě㣈ě
[2013/06/08 20:07:01 | 000,000,000 | ---D | M](C:\ProgramData\?e?eÄe?e8520-1533-40C5-AD09-953C574F14BCÄe?e) -- C:\ProgramData\䋨ě㾘ěÄě㏸ě8520-1533-40C5-AD09-953C574F14BCÄě㣈ě
[2013/06/05 20:37:19 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䊈Ă㼸ĂÄĂ㎘Ă8520-1533-40C5-AD09-953C574F14BCÄĂ㡨Ă
[2013/06/05 20:37:19 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䊈Ă㼸ĂÄĂ㎘Ă8520-1533-40C5-AD09-953C574F14BCÄĂ㡨Ă
[2013/06/01 12:58:32 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈Ƕ㼸ǶÄǶ㎘Ƕ8520-1533-40C5-AD09-953C574F14BCÄǶ㡨Ƕ
[2013/06/01 12:58:32 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈Ƕ㼸ǶÄǶ㎘Ƕ8520-1533-40C5-AD09-953C574F14BCÄǶ㡨Ƕ
[2013/05/28 14:36:16 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈DZ㼸DZÄDZ㎘DZ8520-1533-40C5-AD09-953C574F14BCÄDZ㡨DZ
[2013/05/28 14:36:16 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈DZ㼸DZÄDZ㎘DZ8520-1533-40C5-AD09-953C574F14BCÄDZ㡨DZ
[2013/05/23 12:46:49 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䊈Ǚ㼸ǙÄǙ㎘Ǚ8520-1533-40C5-AD09-953C574F14BCÄǙ㡨Ǚ
[2013/05/23 12:46:49 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䊈Ǚ㼸ǙÄǙ㎘Ǚ8520-1533-40C5-AD09-953C574F14BCÄǙ㡨Ǚ
[2013/05/22 10:40:43 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊐Š㽀ŠÄŠ㎠Š8520-1533-40C5-AD09-953C574F14BCÄŠ㡰Š
[2013/05/22 10:40:43 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊐Š㽀ŠÄŠ㎠Š8520-1533-40C5-AD09-953C574F14BCÄŠ㡰Š
[2013/05/18 12:49:49 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䊈Ǖ㼸ǕÄǕ㎘Ǖ8520-1533-40C5-AD09-953C574F14BCÄǕ㡨Ǖ
[2013/05/18 12:49:49 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䊈Ǖ㼸ǕÄǕ㎘Ǖ8520-1533-40C5-AD09-953C574F14BCÄǕ㡨Ǖ
[2013/05/17 09:33:55 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ǯ㼸ǯÄǯ㎘ǯ8520-1533-40C5-AD09-953C574F14BCÄǯ㡨ǯ
[2013/05/17 09:33:55 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ǯ㼸ǯÄǯ㎘ǯ8520-1533-40C5-AD09-953C574F14BCÄǯ㡨ǯ
[2013/05/16 12:23:49 | 000,000,000 | ---D | M](C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䊈Ĕ㼸ĔÄĔ㎘Ĕ8520-1533-40C5-AD09-953C574F14BCÄĔ㡨Ĕ
[2013/05/16 12:23:49 | 000,000,000 | ---D | M](C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䊈Ĕ㼸ĔÄĔ㎘Ĕ8520-1533-40C5-AD09-953C574F14BCÄĔ㡨Ĕ
[2013/05/14 13:08:57 | 000,000,000 | ---D | M](C:\ProgramData\?!?!Ä!?!8520-1533-40C5-AD09-953C574F14BCÄ!?!) -- C:\ProgramData\䈨!㻘!Ä!㌸!8520-1533-40C5-AD09-953C574F14BCÄ!㠈!
[2013/05/14 13:08:57 | 000,000,000 | ---D | M](C:\ProgramData\?!?!Ä!?!8520-1533-40C5-AD09-953C574F14BCÄ!?!) -- C:\ProgramData\䈨!㻘!Ä!㌸!8520-1533-40C5-AD09-953C574F14BCÄ!㠈!
(C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䊈Ǖ㼸ǕÄǕ㎘Ǖ8520-1533-40C5-AD09-953C574F14BCÄǕ㡨Ǖ
(C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䊈Ǚ㼸ǙÄǙ㎘Ǚ8520-1533-40C5-AD09-953C574F14BCÄǙ㡨Ǚ
(C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\䊈ǔ㼸ǔÄǔ㎘ǔ8520-1533-40C5-AD09-953C574F14BCÄǔ㡨ǔ
(C:\ProgramData\?t?tÄt?t8520-1533-40C5-AD09-953C574F14BCÄt?t) -- C:\ProgramData\䊈t㼸tÄt㎘t8520-1533-40C5-AD09-953C574F14BCÄt㡨t
(C:\ProgramData\?Ô?ÔÄÔ?Ô8520-1533-40C5-AD09-953C574F14BCÄÔ?Ô) -- C:\ProgramData\䊈Ô㼸ÔÄÔ㎘Ô8520-1533-40C5-AD09-953C574F14BCÄÔ㡨Ô
(C:\ProgramData\?H?HÄH?H8520-1533-40C5-AD09-953C574F14BCÄH?H) -- C:\ProgramData\䊈H㼸HÄH㎘H8520-1533-40C5-AD09-953C574F14BCÄH㡨H
(C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\䊈Ĝ㼸ĜÄĜ㎘Ĝ8520-1533-40C5-AD09-953C574F14BCÄĜ㡨Ĝ
(C:\ProgramData\?e?eÄe?e8520-1533-40C5-AD09-953C574F14BCÄe?e) -- C:\ProgramData\䋨ě㾘ěÄě㏸ě8520-1533-40C5-AD09-953C574F14BCÄě㣈ě
(C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䊈Ĕ㼸ĔÄĔ㎘Ĕ8520-1533-40C5-AD09-953C574F14BCÄĔ㡨Ĕ
(C:\ProgramData\?d?dÄd?d8520-1533-40C5-AD09-953C574F14BCÄd?d) -- C:\ProgramData\䊈đ㼸đÄđ㎘đ8520-1533-40C5-AD09-953C574F14BCÄđ㡨đ
(C:\ProgramData\?c?cÄc?c8520-1533-40C5-AD09-953C574F14BCÄc?c) -- C:\ProgramData\䊐ċ㽀ċÄċ㎠ċ8520-1533-40C5-AD09-953C574F14BCÄċ㡰ċ
(C:\ProgramData\?Å?ÅÄÅ?Å8520-1533-40C5-AD09-953C574F14BCÄÅ?Å) -- C:\ProgramData\䊐Å㽀ÅÄÅ㎠Å8520-1533-40C5-AD09-953C574F14BCÄÅ㡰Å
(C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䊈ą㼸ąÄą㎘ą8520-1533-40C5-AD09-953C574F14BCÄą㡨ą
(C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䊈ā㼸āÄā㎘ā8520-1533-40C5-AD09-953C574F14BCÄā㡨ā
(C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䊈Ă㼸ĂÄĂ㎘Ă8520-1533-40C5-AD09-953C574F14BCÄĂ㡨Ă
(C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䊈Ǎ㼸ǍÄǍ㎘Ǎ8520-1533-40C5-AD09-953C574F14BCÄǍ㡨Ǎ
(C:\ProgramData\?¢?¢Ä¢?¢8520-1533-40C5-AD09-953C574F14BCÄ¢?¢) -- C:\ProgramData\䊈¢㼸¢Ä¢㎘¢8520-1533-40C5-AD09-953C574F14BCÄ¢㡨¢
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊐nj㽀njÄnj㎠nj8520-1533-40C5-AD09-953C574F14BCÄnj㡰nj
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊐Š㽀ŠÄŠ㎠Š8520-1533-40C5-AD09-953C574F14BCÄŠ㡰Š
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ƹ㼸ƹÄƹ㎘ƹ8520-1533-40C5-AD09-953C574F14BCÄƹ㡨ƹ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ǯ㼸ǯÄǯ㎘ǯ8520-1533-40C5-AD09-953C574F14BCÄǯ㡨ǯ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈Ƕ㼸ǶÄǶ㎘Ƕ8520-1533-40C5-AD09-953C574F14BCÄǶ㡨Ƕ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈DZ㼸DZÄDZ㎘DZ8520-1533-40C5-AD09-953C574F14BCÄDZ㡨DZ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ǡ㼸ǡÄǡ㎘ǡ8520-1533-40C5-AD09-953C574F14BCÄǡ㡨ǡ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ǣ㼸ǣÄǣ㎘ǣ8520-1533-40C5-AD09-953C574F14BCÄǣ㡨ǣ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈‚㼸‚Ä‚㎘‚8520-1533-40C5-AD09-953C574F14BCÄ‚㡨‚
(C:\ProgramData\?;?;Ä;?;8520-1533-40C5-AD09-953C574F14BCÄ;?;) -- C:\ProgramData\䊈;㼸;Ä;㎘;8520-1533-40C5-AD09-953C574F14BCÄ;㡨;
(C:\ProgramData\?,?,Ä,?,8520-1533-40C5-AD09-953C574F14BCÄ,?,) -- C:\ProgramData\䊈,㼸,Ä,㎘,8520-1533-40C5-AD09-953C574F14BCÄ,㡨,
(C:\ProgramData\?!?!Ä!?!8520-1533-40C5-AD09-953C574F14BCÄ!?!) -- C:\ProgramData\䈨!㻘!Ä!㌸!8520-1533-40C5-AD09-953C574F14BCÄ!㠈!

< End of report >
  • 0

Advertisements

#2
Pyxis
Posted 22 October 2013 - 07:46 PM

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Greetings,

Welcome to Geeks to Go--the friendliest online community dedicated to the sole goal of helping people from all around the world! :)

I am Pyxis and I will be assisting you with the problem at hand. Whilst I am taking the time to analyse your set of provided logs, I would like to stress the following reminders:

  • I am a student that is currently undergoing training. As such, my responses have to be checked by a professional before I present them to you to ensure you get the best quality help. If you deem I have overlooked your thread, which is in a matter of more than 24 hours, please send me a PM and I will get back to you shortly.
  • It is important that you do not install anything unless asked while the process is ongoing. Doing so may hinder or even complicate the cleaning of your system. You will get the chance to install things as you would like after the process has been completed.
  • Ensure you take extra caution to precisely follow my instructions. It is important that you only use the tools I have asked you to. The instructions for your computer are unique and should therefore only apply to your system.
I hope you keep in mind these reminders. I will be right back with a full response! :thumbsup:

Thank you.
  • 0

#3
Pyxis
Posted 23 October 2013 - 12:06 PM

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Hi karenmike,

Thanks for waiting! You're right about your computer's status... there are a lot of things going on. I notice your computer's memory is severely hampered by the amount of adware and security programs present. We'll deal with those things first in this post. :)

  • Step 1
After examining your logs, I have seen that you currently have one or more P2P Programs installed. I would recommend their removal as the networks these programs are involved in are breeding places for malware. The things you are downloading are not one hundred percent safe as they can be uploaded by anyone on the Internet, some possibly aiding in the propagation of malware.

More can be read from the following sources:

You are advised to remove the following programs by uninstalling them:

  • µTorrent
Note: This step is optional. You may or may not remove the programs, however I strongly suggest getting rid or disabling them before we continue with the process.
  • Step 2
You seem to have too many anti-virus programs running in your system. While it is normal to think that "the more the merrier" in certain occasions, it does not apply when choosing an anti-virus. Having multiple ones of the same kind installed (e.g. more than one anti-virus program) will make your system run slower, and they will go against one another thereby making them inefficient.

I advise you to uninstall the following programs except one of each kind through Control Panel > Add or Remove Programs (Windows XP) or Control Panel > Programs and Features > Uninstall a Program (Windows Vista & Windows 7):

AVG 2014 (Anti-virus)
F-Secure (Anti-virus)
Malwarebytes' Anti-Malware (Scanner)
McAfee Security Scan (Scanner)
SUPERAntiSpyware (Scanner)
Windows Defender (Scanner)My personal suggestion would be F-Secure and Malwarebytes' Anti-Malware. If you are having difficulties, please tell me.
  • Step 3
Download 'OTL by OldTimer' and save it to your desktop or move your existing copy into the said location.

  • Simply double-click the program icon to run it. It will ask for administrator privileges.

    Posted Image

  • Copy and paste the following into the Custom Scans/Fixes box:

    :OTL
PRC - [2013/10/14 21:14:25 | 000,166,352 | ---- | M] (APN LLC.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013/10/14 21:14:17 | 001,673,680 | ---- | M] (APN) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2013/09/22 07:57:32 | 003,470,624 | ---- | M] (Conduit) -- C:\Users\Karen\AppData\Roaming\SearchProtect\bin\cltmng.exe
PRC - [2013/05/08 02:18:34 | 000,097,056 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe
PRC - [2011/10/25 10:59:16 | 000,244,960 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
SRV - [2013/10/14 21:14:25 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013/05/08 02:18:34 | 000,097,056 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2011/10/25 10:59:16 | 000,244,960 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
DRV - File not found [Unknown (-1) | Unknown (-1) | Unknown] -- -- (Updater Service for StartNow Toolbar)
IE - HKLM\..\SearchScopes\{136A6348-D601-4D57-A77A-BF9231B38261}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{A1170105-04F3-4615-8626-95D3A4FCDED9}: "URL" = http://search.live.c...#38;FORM=HVDUS7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylo...000001bfca5897c
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.imesh.net
IE - HKCU\..\SearchScopes\{136A6348-D601-4D57-A77A-BF9231B38261}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKCU\..\SearchScopes\{59978E0A-1C53-4D9A-A67F-D1473F7643AB}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKCU\..\SearchScopes\{68FB0431-1FDE-4F8C-AF95-AA007B352EC0}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg....sa&d=2013-09-08 15:38:43&v=17.0.1.12&pid=safeguard&sg=15&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{A1170105-04F3-4615-8626-95D3A4FCDED9}: "URL" = http://search.live.c...#38;FORM=HVDUS7
IE - HKCU\..\SearchScopes\{EFCF8DFF-292D-4FED-9250-18BED37345E0}: "URL" = http://search.condui...&ctid=CT1320680
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.0.2.13\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (BFlix Toolbar) - {a6bf16ab-42a1-4bc5-965d-5e407e449aaa} - C:\Program Files\bflixtoolbar\vmntemplateX.dll ()
O2 - BHO: (Shop to Win) - {A7878997-94DC-4FC7-8AEC-3038972E4D85} - C:\Program Files\Shop to Win 23\Shop to Win 23.dll (Shop To Win, LLC)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (no name) - {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.0.2.13\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (BFlix Toolbar) - {a6bf16ab-42a1-4bc5-965d-5e407e449aaa} - C:\Program Files\bflixtoolbar\vmntemplateX.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {F92A9FE4-2850-4198-B9D5-279880E49B16} - No CLSID value found.
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [SearchProtect] C:\Users\Karen\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKLM..\RunOnce: [removeiMeshtoolbar] cmd.exe /c RD /S /Q "C:\Program Files\iMesh Applications\MediaBar\Datamngr\ToolBar" File not found
O4 - HKLM..\RunOnce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "C:\Program Files\Searchqu Toolbar" File not found
O4 - HKLM..\RunOnce: [removeSearchqutoolbar] cmd.exe /c RD /S /Q "C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar" File not found
[2013/10/20 13:18:09 | 000,000,000 | ---D | C] -- C:\SearchProtect
[2013/10/18 07:58:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2013/10/18 07:58:04 | 000,000,000 | ---D | C] -- C:\Program Files\AskPartnerNetwork
[2013/10/18 07:56:47 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/10/22 00:00:41 | 000,000,596 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
[2013/03/13 14:31:13 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\DriverCure
[2013/07/24 20:26:15 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\SearchProtect
[2013/07/21 19:21:01 | 000,000,000 | ---D | M](C:\ProgramData\?¢?¢Ä¢?¢8520-1533-40C5-AD09-953C574F14BCÄ¢?¢) -- C:\ProgramData\䊈¢㼸¢Ä¢㎘¢8520-1533-40C5-AD09-953C574F14BCÄ¢㡨¢
[2013/07/21 19:21:01 | 000,000,000 | ---D | M](C:\ProgramData\?¢?¢Ä¢?¢8520-1533-40C5-AD09-953C574F14BCÄ¢?¢) -- C:\ProgramData\䊈¢㼸¢Ä¢㎘¢8520-1533-40C5-AD09-953C574F14BCÄ¢㡨¢
[2013/07/18 11:27:21 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ǣ㼸ǣÄǣ㎘ǣ8520-1533-40C5-AD09-953C574F14BCÄǣ㡨ǣ
[2013/07/18 11:27:21 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ǣ㼸ǣÄǣ㎘ǣ8520-1533-40C5-AD09-953C574F14BCÄǣ㡨ǣ
[2013/07/16 21:21:35 | 000,000,000 | ---D | M](C:\ProgramData\?c?cÄc?c8520-1533-40C5-AD09-953C574F14BCÄc?c) -- C:\ProgramData\䊐ċ㽀ċÄċ㎠ċ8520-1533-40C5-AD09-953C574F14BCÄċ㡰ċ
[2013/07/16 21:21:35 | 000,000,000 | ---D | M](C:\ProgramData\?c?cÄc?c8520-1533-40C5-AD09-953C574F14BCÄc?c) -- C:\ProgramData\䊐ċ㽀ċÄċ㎠ċ8520-1533-40C5-AD09-953C574F14BCÄċ㡰ċ
[2013/07/16 12:38:05 | 000,000,000 | ---D | M](C:\ProgramData\?,?,Ä,?,8520-1533-40C5-AD09-953C574F14BCÄ,?,) -- C:\ProgramData\䊈,㼸,Ä,㎘,8520-1533-40C5-AD09-953C574F14BCÄ,㡨,
[2013/07/16 12:38:05 | 000,000,000 | ---D | M](C:\ProgramData\?,?,Ä,?,8520-1533-40C5-AD09-953C574F14BCÄ,?,) -- C:\ProgramData\䊈,㼸,Ä,㎘,8520-1533-40C5-AD09-953C574F14BCÄ,㡨,
[2013/07/14 14:25:44 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈‚㼸‚Ä‚㎘‚8520-1533-40C5-AD09-953C574F14BCÄ‚㡨‚
[2013/07/14 14:25:44 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈‚㼸‚Ä‚㎘‚8520-1533-40C5-AD09-953C574F14BCÄ‚㡨‚
[2013/07/11 20:18:17 | 000,000,000 | ---D | M](C:\ProgramData\?;?;Ä;?;8520-1533-40C5-AD09-953C574F14BCÄ;?<img src='http://www.geekstogo.com/forum/public/style_emoticons/<#EMO_DIR#>/wink.gif' class='bbc_emoticon' alt=';)' /> -- C:\ProgramData\䊈;㼸;Ä;㎘;8520-1533-40C5-AD09-953C574F14BCÄ;㡨;
[2013/07/11 20:18:17 | 000,000,000 | ---D | M](C:\ProgramData\?;?;Ä;?;8520-1533-40C5-AD09-953C574F14BCÄ;?<img src='http://www.geekstogo.com/forum/public/style_emoticons/<#EMO_DIR#>/wink.gif' class='bbc_emoticon' alt=';)' /> -- C:\ProgramData\䊈;㼸;Ä;㎘;8520-1533-40C5-AD09-953C574F14BCÄ;㡨;
[2013/07/11 18:54:59 | 000,000,000 | ---D | M](C:\ProgramData\?Å?ÅÄÅ?Å8520-1533-40C5-AD09-953C574F14BCÄÅ?Å) -- C:\ProgramData\䊐Å㽀ÅÄÅ㎠Å8520-1533-40C5-AD09-953C574F14BCÄÅ㡰Å
[2013/07/11 18:54:59 | 000,000,000 | ---D | M](C:\ProgramData\?Å?ÅÄÅ?Å8520-1533-40C5-AD09-953C574F14BCÄÅ?Å) -- C:\ProgramData\䊐Å㽀ÅÄÅ㎠Å8520-1533-40C5-AD09-953C574F14BCÄÅ㡰Å
[2013/07/11 18:45:29 | 000,000,000 | ---D | M](C:\ProgramData\?t?tÄt?t8520-1533-40C5-AD09-953C574F14BCÄt?t) -- C:\ProgramData\䊈t㼸tÄt㎘t8520-1533-40C5-AD09-953C574F14BCÄt㡨t
[2013/07/11 18:45:29 | 000,000,000 | ---D | M](C:\ProgramData\?t?tÄt?t8520-1533-40C5-AD09-953C574F14BCÄt?t) -- C:\ProgramData\䊈t㼸tÄt㎘t8520-1533-40C5-AD09-953C574F14BCÄt㡨t
[2013/07/09 14:44:47 | 000,000,000 | ---D | M](C:\ProgramData\?H?HÄH?H8520-1533-40C5-AD09-953C574F14BCÄH?H) -- C:\ProgramData\䊈H㼸HÄH㎘H8520-1533-40C5-AD09-953C574F14BCÄH㡨H
[2013/07/09 14:44:47 | 000,000,000 | ---D | M](C:\ProgramData\?H?HÄH?H8520-1533-40C5-AD09-953C574F14BCÄH?H) -- C:\ProgramData\䊈H㼸HÄH㎘H8520-1533-40C5-AD09-953C574F14BCÄH㡨H
[2013/07/09 13:37:29 | 000,000,000 | ---D | M](C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\䊈Ĝ㼸ĜÄĜ㎘Ĝ8520-1533-40C5-AD09-953C574F14BCÄĜ㡨Ĝ
[2013/07/09 13:37:29 | 000,000,000 | ---D | M](C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\䊈Ĝ㼸ĜÄĜ㎘Ĝ8520-1533-40C5-AD09-953C574F14BCÄĜ㡨Ĝ
[2013/07/08 17:47:41 | 000,000,000 | ---D | M](C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\䊈ǔ㼸ǔÄǔ㎘ǔ8520-1533-40C5-AD09-953C574F14BCÄǔ㡨ǔ
[2013/07/08 17:47:41 | 000,000,000 | ---D | M](C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\䊈ǔ㼸ǔÄǔ㎘ǔ8520-1533-40C5-AD09-953C574F14BCÄǔ㡨ǔ
[2013/07/01 18:15:04 | 000,000,000 | ---D | M](C:\ProgramData\?Ô?ÔÄÔ?Ô8520-1533-40C5-AD09-953C574F14BCÄÔ?Ô) -- C:\ProgramData\䊈Ô㼸ÔÄÔ㎘Ô8520-1533-40C5-AD09-953C574F14BCÄÔ㡨Ô
[2013/07/01 18:15:04 | 000,000,000 | ---D | M](C:\ProgramData\?Ô?ÔÄÔ?Ô8520-1533-40C5-AD09-953C574F14BCÄÔ?Ô) -- C:\ProgramData\䊈Ô㼸ÔÄÔ㎘Ô8520-1533-40C5-AD09-953C574F14BCÄÔ㡨Ô
[2013/07/01 18:09:48 | 000,000,000 | ---D | M](C:\ProgramData\?d?dÄd?d8520-1533-40C5-AD09-953C574F14BCÄd?d) -- C:\ProgramData\䊈đ㼸đÄđ㎘đ8520-1533-40C5-AD09-953C574F14BCÄđ㡨đ
[2013/07/01 18:09:48 | 000,000,000 | ---D | M](C:\ProgramData\?d?dÄd?d8520-1533-40C5-AD09-953C574F14BCÄd?d) -- C:\ProgramData\䊈đ㼸đÄđ㎘đ8520-1533-40C5-AD09-953C574F14BCÄđ㡨đ
[2013/06/29 23:03:21 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䊈Ǎ㼸ǍÄǍ㎘Ǎ8520-1533-40C5-AD09-953C574F14BCÄǍ㡨Ǎ
[2013/06/29 23:03:21 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䊈Ǎ㼸ǍÄǍ㎘Ǎ8520-1533-40C5-AD09-953C574F14BCÄǍ㡨Ǎ
[2013/06/24 21:17:19 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䊈ą㼸ąÄą㎘ą8520-1533-40C5-AD09-953C574F14BCÄą㡨ą
[2013/06/24 21:17:19 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䊈ą㼸ąÄą㎘ą8520-1533-40C5-AD09-953C574F14BCÄą㡨ą
[2013/06/18 18:04:25 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊐nj㽀njÄnj㎠nj8520-1533-40C5-AD09-953C574F14BCÄnj㡰nj
[2013/06/18 18:04:25 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊐nj㽀njÄnj㎠nj8520-1533-40C5-AD09-953C574F14BCÄnj㡰nj
[2013/06/18 10:25:37 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ǡ㼸ǡÄǡ㎘ǡ8520-1533-40C5-AD09-953C574F14BCÄǡ㡨ǡ
[2013/06/18 10:25:37 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ǡ㼸ǡÄǡ㎘ǡ8520-1533-40C5-AD09-953C574F14BCÄǡ㡨ǡ
[2013/06/13 15:26:17 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䊈ā㼸āÄā㎘ā8520-1533-40C5-AD09-953C574F14BCÄā㡨ā
[2013/06/13 15:26:17 | 000,000,000 | ---D | M](C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䊈ā㼸āÄā㎘ā8520-1533-40C5-AD09-953C574F14BCÄā㡨ā
[2013/06/12 21:06:50 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ƹ㼸ƹÄƹ㎘ƹ8520-1533-40C5-AD09-953C574F14BCÄƹ㡨ƹ
[2013/06/12 21:06:50 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ƹ㼸ƹÄƹ㎘ƹ8520-1533-40C5-AD09-953C574F14BCÄƹ㡨ƹ
[2013/06/08 20:07:01 | 000,000,000 | ---D | M](C:\ProgramData\?e?eÄe?e8520-1533-40C5-AD09-953C574F14BCÄe?e) -- C:\ProgramData\䋨ě㾘ěÄě㏸ě8520-1533-40C5-AD09-953C574F14BCÄě㣈ě
[2013/06/08 20:07:01 | 000,000,000 | ---D | M](C:\ProgramData\?e?eÄe?e8520-1533-40C5-AD09-953C574F14BCÄe?e) -- C:\ProgramData\䋨ě㾘ěÄě㏸ě8520-1533-40C5-AD09-953C574F14BCÄě㣈ě
[2013/06/05 20:37:19 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䊈Ă㼸ĂÄĂ㎘Ă8520-1533-40C5-AD09-953C574F14BCÄĂ㡨Ă
[2013/06/05 20:37:19 | 000,000,000 | ---D | M](C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䊈Ă㼸ĂÄĂ㎘Ă8520-1533-40C5-AD09-953C574F14BCÄĂ㡨Ă
[2013/06/01 12:58:32 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈Ƕ㼸ǶÄǶ㎘Ƕ8520-1533-40C5-AD09-953C574F14BCÄǶ㡨Ƕ
[2013/06/01 12:58:32 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈Ƕ㼸ǶÄǶ㎘Ƕ8520-1533-40C5-AD09-953C574F14BCÄǶ㡨Ƕ
[2013/05/28 14:36:16 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈DZ㼸DZÄDZ㎘DZ8520-1533-40C5-AD09-953C574F14BCÄDZ㡨DZ
[2013/05/28 14:36:16 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈DZ㼸DZÄDZ㎘DZ8520-1533-40C5-AD09-953C574F14BCÄDZ㡨DZ
[2013/05/23 12:46:49 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䊈Ǚ㼸ǙÄǙ㎘Ǚ8520-1533-40C5-AD09-953C574F14BCÄǙ㡨Ǚ
[2013/05/23 12:46:49 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䊈Ǚ㼸ǙÄǙ㎘Ǚ8520-1533-40C5-AD09-953C574F14BCÄǙ㡨Ǚ
[2013/05/22 10:40:43 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊐Š㽀ŠÄŠ㎠Š8520-1533-40C5-AD09-953C574F14BCÄŠ㡰Š
[2013/05/22 10:40:43 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊐Š㽀ŠÄŠ㎠Š8520-1533-40C5-AD09-953C574F14BCÄŠ㡰Š
[2013/05/18 12:49:49 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䊈Ǖ㼸ǕÄǕ㎘Ǖ8520-1533-40C5-AD09-953C574F14BCÄǕ㡨Ǖ
[2013/05/18 12:49:49 | 000,000,000 | ---D | M](C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䊈Ǖ㼸ǕÄǕ㎘Ǖ8520-1533-40C5-AD09-953C574F14BCÄǕ㡨Ǖ
[2013/05/17 09:33:55 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ǯ㼸ǯÄǯ㎘ǯ8520-1533-40C5-AD09-953C574F14BCÄǯ㡨ǯ
[2013/05/17 09:33:55 | 000,000,000 | ---D | M](C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ǯ㼸ǯÄǯ㎘ǯ8520-1533-40C5-AD09-953C574F14BCÄǯ㡨ǯ
[2013/05/16 12:23:49 | 000,000,000 | ---D | M](C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䊈Ĕ㼸ĔÄĔ㎘Ĕ8520-1533-40C5-AD09-953C574F14BCÄĔ㡨Ĕ
[2013/05/16 12:23:49 | 000,000,000 | ---D | M](C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䊈Ĕ㼸ĔÄĔ㎘Ĕ8520-1533-40C5-AD09-953C574F14BCÄĔ㡨Ĕ
[2013/05/14 13:08:57 | 000,000,000 | ---D | M](C:\ProgramData\?!?!Ä!?!8520-1533-40C5-AD09-953C574F14BCÄ!?!) -- C:\ProgramData\䈨!㻘!Ä!㌸!8520-1533-40C5-AD09-953C574F14BCÄ!㠈!
[2013/05/14 13:08:57 | 000,000,000 | ---D | M](C:\ProgramData\?!?!Ä!?!8520-1533-40C5-AD09-953C574F14BCÄ!?!) -- C:\ProgramData\䈨!㻘!Ä!㌸!8520-1533-40C5-AD09-953C574F14BCÄ!㠈!
(C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䊈Ǖ㼸ǕÄǕ㎘Ǖ8520-1533-40C5-AD09-953C574F14BCÄǕ㡨Ǖ
(C:\ProgramData\?U?UÄU?U8520-1533-40C5-AD09-953C574F14BCÄU?U) -- C:\ProgramData\䊈Ǚ㼸ǙÄǙ㎘Ǚ8520-1533-40C5-AD09-953C574F14BCÄǙ㡨Ǚ
(C:\ProgramData\?u?uÄu?u8520-1533-40C5-AD09-953C574F14BCÄu?u) -- C:\ProgramData\䊈ǔ㼸ǔÄǔ㎘ǔ8520-1533-40C5-AD09-953C574F14BCÄǔ㡨ǔ
(C:\ProgramData\?t?tÄt?t8520-1533-40C5-AD09-953C574F14BCÄt?t) -- C:\ProgramData\䊈t㼸tÄt㎘t8520-1533-40C5-AD09-953C574F14BCÄt㡨t
(C:\ProgramData\?Ô?ÔÄÔ?Ô8520-1533-40C5-AD09-953C574F14BCÄÔ?Ô) -- C:\ProgramData\䊈Ô㼸ÔÄÔ㎘Ô8520-1533-40C5-AD09-953C574F14BCÄÔ㡨Ô
(C:\ProgramData\?H?HÄH?H8520-1533-40C5-AD09-953C574F14BCÄH?H) -- C:\ProgramData\䊈H㼸HÄH㎘H8520-1533-40C5-AD09-953C574F14BCÄH㡨H
(C:\ProgramData\?G?GÄG?G8520-1533-40C5-AD09-953C574F14BCÄG?G) -- C:\ProgramData\䊈Ĝ㼸ĜÄĜ㎘Ĝ8520-1533-40C5-AD09-953C574F14BCÄĜ㡨Ĝ
(C:\ProgramData\?e?eÄe?e8520-1533-40C5-AD09-953C574F14BCÄe?e) -- C:\ProgramData\䋨ě㾘ěÄě㏸ě8520-1533-40C5-AD09-953C574F14BCÄě㣈ě
(C:\ProgramData\?E?EÄE?E8520-1533-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䊈Ĕ㼸ĔÄĔ㎘Ĕ8520-1533-40C5-AD09-953C574F14BCÄĔ㡨Ĕ
(C:\ProgramData\?d?dÄd?d8520-1533-40C5-AD09-953C574F14BCÄd?d) -- C:\ProgramData\䊈đ㼸đÄđ㎘đ8520-1533-40C5-AD09-953C574F14BCÄđ㡨đ
(C:\ProgramData\?c?cÄc?c8520-1533-40C5-AD09-953C574F14BCÄc?c) -- C:\ProgramData\䊐ċ㽀ċÄċ㎠ċ8520-1533-40C5-AD09-953C574F14BCÄċ㡰ċ
(C:\ProgramData\?Å?ÅÄÅ?Å8520-1533-40C5-AD09-953C574F14BCÄÅ?Å) -- C:\ProgramData\䊐Å㽀ÅÄÅ㎠Å8520-1533-40C5-AD09-953C574F14BCÄÅ㡰Å
(C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䊈ą㼸ąÄą㎘ą8520-1533-40C5-AD09-953C574F14BCÄą㡨ą
(C:\ProgramData\?a?aÄa?a8520-1533-40C5-AD09-953C574F14BCÄa?a) -- C:\ProgramData\䊈ā㼸āÄā㎘ā8520-1533-40C5-AD09-953C574F14BCÄā㡨ā
(C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䊈Ă㼸ĂÄĂ㎘Ă8520-1533-40C5-AD09-953C574F14BCÄĂ㡨Ă
(C:\ProgramData\?A?AÄA?A8520-1533-40C5-AD09-953C574F14BCÄA?A) -- C:\ProgramData\䊈Ǎ㼸ǍÄǍ㎘Ǎ8520-1533-40C5-AD09-953C574F14BCÄǍ㡨Ǎ
(C:\ProgramData\?¢?¢Ä¢?¢8520-1533-40C5-AD09-953C574F14BCÄ¢?¢) -- C:\ProgramData\䊈¢㼸¢Ä¢㎘¢8520-1533-40C5-AD09-953C574F14BCÄ¢㡨¢
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊐nj㽀njÄnj㎠nj8520-1533-40C5-AD09-953C574F14BCÄnj㡰nj
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊐Š㽀ŠÄŠ㎠Š8520-1533-40C5-AD09-953C574F14BCÄŠ㡰Š
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ƹ㼸ƹÄƹ㎘ƹ8520-1533-40C5-AD09-953C574F14BCÄƹ㡨ƹ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ǯ㼸ǯÄǯ㎘ǯ8520-1533-40C5-AD09-953C574F14BCÄǯ㡨ǯ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈Ƕ㼸ǶÄǶ㎘Ƕ8520-1533-40C5-AD09-953C574F14BCÄǶ㡨Ƕ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈DZ㼸DZÄDZ㎘DZ8520-1533-40C5-AD09-953C574F14BCÄDZ㡨DZ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ǡ㼸ǡÄǡ㎘ǡ8520-1533-40C5-AD09-953C574F14BCÄǡ㡨ǡ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈ǣ㼸ǣÄǣ㎘ǣ8520-1533-40C5-AD09-953C574F14BCÄǣ㡨ǣ
(C:\ProgramData\????Ä???8520-1533-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䊈‚㼸‚Ä‚㎘‚8520-1533-40C5-AD09-953C574F14BCÄ‚㡨‚
(C:\ProgramData\?;?;Ä;?;8520-1533-40C5-AD09-953C574F14BCÄ;?<img src='http://www.geekstogo.com/forum/public/style_emoticons/<#EMO_DIR#>/wink.gif' class='bbc_emoticon' alt=';)' /> -- C:\ProgramData\䊈;㼸;Ä;㎘;8520-1533-40C5-AD09-953C574F14BCÄ;㡨;
(C:\ProgramData\?,?,Ä,?,8520-1533-40C5-AD09-953C574F14BCÄ,?,) -- C:\ProgramData\䊈,㼸,Ä,㎘,8520-1533-40C5-AD09-953C574F14BCÄ,㡨,
(C:\ProgramData\?!?!Ä!?!8520-1533-40C5-AD09-953C574F14BCÄ!?!) -- C:\ProgramData\䈨!㻘!Ä!㌸!8520-1533-40C5-AD09-953C574F14BCÄ!㠈!

:Files
C:\Program Files\SearchProtect
C:\Program Files\StartNow Toolbar
C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nemjindejndnepkdaeblngbnnbmloeoj
C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiljdmkckennnleegbmfddpbfnhfbjmm
C:\PROGRA~1\SEARCH~1
C:\Program Files\bflixtoolbar
C:\Program Files\Shop to Win 23
C:\ProgramData\WeCareReminder
C:\Program Files\Searchqu Toolbar

:Commands
[emptytemp]
  • Click Run Fix.
  • OTL will reboot your system. Allow it by clicking OK.
  • After a the reboot, a Notepad window will appear, named MMDDYYYY_HHMMSS.log. Alternatively, you can find that log at C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log.
  • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Step 4
Download 'AdwCleaner by Xplode' and save it to your desktop.

  • Simply double-click the program icon to run it. It will ask for administrator privileges.
  • Click Scan and choose Clean after.
  • Wait for it to finish. It won't take long.
  • Click OK for the next prompts. Your system will automatically reboot.
  • A log will automatically pop-up after rebooting. Alternatively, you can find it at C:\AdwCleaner[S*].txt.
  • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Step 5
If you haven't already, download 'OTL by OldTimer' and save it to your desktop.

  • Simply double-click the program icon to run it. It will ask for administrator privileges.
  • Ensure that the following settings are followed. Make sure all other windows are closed and let it run uninterrupted.

    Posted Image

  • Click Run Scan.
  • After a short while, two Notepad windows will appear, named OTL.txt and Extras.txt. Alternatively, you can also find these at your desktop.
  • Copy and paste (CTRL + A and CTRL + C) the content of these logs in your next reply.
  • Logs to Post
In summary of the above, I will need you to post the following log(s):

  • MMDDYYYY_HHMMSS.log (OTL)
  • AdwCleaner[S*].txt (AdwCleaner)
  • Extras.txt (OTL)
  • OTL.txt (OTL)

  • 0

#4
karenmike
Posted 26 October 2013 - 06:22 PM

karenmike

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
This is Mike and Karen Albertson Sorry we missed your help our son suddenly took his life , We still need your your help if you would help we will be grateful the information that you sent us we will start working on ,Please keep working with us to got our computer straighten out
  • 0

#5
Pyxis
Posted 27 October 2013 - 10:22 AM

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
I am very sorry to hear this... my prayers are with you and your family. Please know that the instructions I posted above are still valid, and that I will continue to help you until this system is clean.
  • 0

#6
karenmike
Posted 28 October 2013 - 04:56 PM

karenmike

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
we done what you sent i think can you check and let us know
  • 0

#7
Pyxis
Posted 29 October 2013 - 12:36 AM

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
May I ask for the logs to be posted? You should be able to find four, as stated. Let me know if you encounter difficulties in locating these.

C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log
C:\AdwCleaner[S*].txt.
C:\Users\Karen\Downloads\OTL.txt
C:\Users\Karen\Downloads\Extras.txt


  • 0

#8
Pyxis
Posted 05 November 2013 - 10:15 AM

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Are you experiencing difficulties with posting the logs? Please let me know so I can assist you.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP