Jump to content

issues with pup viruses


Recommended Posts

I am having issues with many PUP viruses that is logging down my computer and causing issues.

 

Here are the files requested.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16660
Run by Kollasch Family at 21:36:12 on 2013-08-29
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3693.1772 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_8_800_94_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\servicing\TrustedInstaller.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

mWinlogon: Userinit = userinit.exe,
BHO: {2CEBF6C7-2B40-469B-B5D5-CD3F3676C3C4} - <orphaned>
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: TopArcadeHits Games: {A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} - C:\Users\Kollasch Family\AppData\Local\TopArcadeHits\Toparcadehits.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Define: {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - C:\Users\Kollasch Family\AppData\Local\DefineExt\temp.dat
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [HP Deskjet 3510 series (NET)] "C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2BC1PK8W05R7:NW" -scfn "HP Deskjet 3510 series (NET)" -AutoStart 1
uRun: [Google Update] "C:\Users\Kollasch Family\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [{E9AE9B9A-A99F-AA8F-27E8-A8E99BAE8b85}] "C:\Program Files (x86)\U.S. Cellular Broadband Connect\AvqAutoRun.exe" "C:\Program Files (x86)\U.S. Cellular Broadband Connect\mphonetools.exe" /OnPlug=%s
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

TCP: NameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{5B80D3B3-1E57-43F2-A5F5-D9C3050DDD7A} : DHCPNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{5B80D3B3-1E57-43F2-A5F5-D9C3050DDD7A}\0516C61636560265965677027457563747 : DHCPNameServer = 192.168.182.1
TCP: Interfaces\{5B80D3B3-1E57-43F2-A5F5-D9C3050DDD7A}\365747479737 : DHCPNameServer = 97.64.168.12 97.64.183.165
TCP: Interfaces\{5B80D3B3-1E57-43F2-A5F5-D9C3050DDD7A}\45865634F6666656563586F607 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{5B80D3B3-1E57-43F2-A5F5-D9C3050DDD7A}\A6F686E69707F60707562737 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{5B80D3B3-1E57-43F2-A5F5-D9C3050DDD7A}\B4F6C6C616373686 : DHCPNameServer = 192.168.0.1 205.171.3.65
TCP: Interfaces\{5B80D3B3-1E57-43F2-A5F5-D9C3050DDD7A}\C45736B697F416B6 : DHCPNameServer = 192.168.0.1 205.171.3.25 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~2\optimi~1\optpro~1.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [setDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe

x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-4-16 79488]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-4-16 40064]
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-7-10 45880]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-7-20 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-4 45856]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-23 143120]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-7-6 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-7-5 365568]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-7-23 283136]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-9-25 189736]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-5-21 103992]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-4-8 26680]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-3-1 2413056]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-16 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-15 701512]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-8-25 46136]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-12-30 25928]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-3-1 338536]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-8-25 412264]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2011-8-25 1145448]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-8-25 44672]
R3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 consumerinput_update;ConsumerInput Update Service (consumerinput_update);C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe /svc --> C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe  [?]
S2 vToolbarUpdater15.4.0;vToolbarUpdater15.4.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe --> C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [?]
S2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe --> C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [?]
S3 consumerinput_updatem;ConsumerInput Update Service (consumerinput_updatem);C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe /medsvc --> C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe  [?]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-27 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-08-30 02:26:29 -------- d-----w- C:\AdwCleaner
2013-08-30 02:22:05 -------- d-----w- C:\Users\Kollasch Family\AppData\Local\AVG SafeGuard toolbar
2013-08-30 02:21:46 -------- d-----w- C:\ProgramData\AVG SafeGuard toolbar
2013-08-30 02:21:43 -------- d-----w- C:\Program Files (x86)\AVG SafeGuard toolbar
2013-08-30 02:01:17 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin
2013-08-30 01:56:46 -------- d-----w- C:\Users\Kollasch Family\AppData\Local\TopArcadeHits
2013-08-30 01:28:19 -------- d-----w- C:\Users\Kollasch Family\AppData\Local\DefineExt
2013-08-30 01:27:45 -------- d-----w- C:\Program Files (x86)\privoxy
2013-08-30 01:26:01 -------- d-----w- C:\Program Files (x86)\Web Protect
2013-08-30 01:07:03 -------- d-----w- C:\Program Files\CCleaner
2013-08-30 01:02:07 -------- d-----w- C:\Windows\ERUNT
2013-08-29 00:16:54 -------- d-----w- C:\Users\Kollasch Family\AppData\Roaming\1O1L1I1PtF1F1C1N
2013-08-29 00:16:01 -------- d-----w- C:\Windows\SysWow64\Extensions
2013-08-29 00:16:00 -------- d-----w- C:\Windows\SysWow64\searchplugins
2013-08-28 23:42:38 -------- d-----w- C:\Users\Kollasch Family\AppData\Local\FileTypeAssistant
2013-08-28 23:42:34 -------- d-----w- C:\Program Files (x86)\File Type Assistant
2013-08-28 23:40:47 -------- d-----w- C:\Program Files (x86)\Consumer Input
2013-08-28 23:39:25 -------- d-----w- C:\Program Files (x86)\Yahoo Browser Settings
2013-08-28 22:17:25 -------- d-----w- C:\Program Files (x86)\Seagate
2013-08-26 00:02:18 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-26 00:02:18 -------- d-----w- C:\Program Files\iTunes
2013-08-26 00:02:18 -------- d-----w- C:\Program Files\iPod
2013-08-14 14:30:59 817664 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-08-14 14:30:59 1084928 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-08-14 14:30:59 108032 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll
2013-08-14 14:30:57 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-08-14 14:30:57 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-08-14 14:18:38 -------- d-----w- C:\Windows\System32\MRT
2013-08-05 01:55:48 -------- d-----w- C:\Users\Kollasch Family\AppData\Roaming\Dropbox
.
==================== Find3M  ====================
.
2013-08-30 02:21:39 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-20 06:51:00 311608 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2013-07-20 06:50:56 71480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2013-07-20 06:50:56 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-07-20 06:50:50 206648 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-07-19 09:40:13 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-19 09:40:13 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-10 06:32:38 45880 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-07-01 06:45:28 116536 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2011-12-30 02:52:20 501 ----a-w- C:\Program Files (x86)\1229201120522004.bat
2011-12-29 22:11:06 492 ----a-w- C:\Program Files (x86)\1229201116110560.bat

 

DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 11/25/2011 10:23:42 AM
System Uptime: 8/29/2013 9:29:34 PM (0 hours ago)
.
Motherboard: Hewlett-Packard |  | 3562
Processor: AMD E-450 APU with Radeon HD Graphics | Socket FT1 | 1650/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 448 GiB total, 273.024 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 1.544 GiB free.
E: is FIXED (FAT32) - 4 GiB total, 1.1 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP118: 8/10/2013 5:43:01 PM - Scheduled Checkpoint
RP119: 8/14/2013 9:17:12 AM - Windows Update
RP120: 8/26/2013 3:53:20 PM - Scheduled Checkpoint
RP121: 8/28/2013 5:15:03 PM - Installed Seagate Manager Installer
RP122: 8/29/2013 9:00:42 PM - Removed Uninstall Helper
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Reader Free Download Packages
Adobe Reader XI (11.0.03)
Adobe Shockwave Player 11.5
Agatha Christie - Peril at End House
Amazon Kindle
AMD APP SDK Runtime
AMD Fuel
AMD Media Foundation Decoders
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft MediaImpression for Kodak
ATI Catalyst Install Manager
AVG 2013
AVG SafeGuard toolbar
Bejeweled 3
Blackhawk Striker 2
Blasterball 3
BLOCKBUSTER Movielink
bodybugg Software
Bonjour
Bounce Symphony
Cake Mania
Canon MP280 series MP Drivers
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
CenturyLink QuickAssist Desktop Tools
Chronicles of Albian
Chuzzle Deluxe
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Consumer Input (remove only)
Coupon Printer for Windows
Cradle of Rome 2
CyberLink YouCam
D3DX10
Define Ext
ESU for Microsoft Windows 7 SP1
Evernote v. 4.2.3
Farm Frenzy
FATE
File Type Assistant
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Governor of Poker 2 Premium Edition
Hewlett-Packard ACLM.NET v1.1.1.0
HP Auto
HP Client Services
HP Customer Experience Enhancements
HP Deskjet 3510 series Basic Device Software
HP Deskjet 3510 series Help
HP Deskjet 3510 series Product Improvement Study
HP Documentation
HP FWUpdateEDO2
HP Games
HP Launch Box
HP MovieStore
HP On Screen Display
HP Photo Creations
HP Power Manager
HP Product Detection
HP Quick Launch
HP QuickWeb
HP Setup
HP Setup Manager
HP Software Framework
HP Support Assistant
HP Update
HPDiagnosticAlert
IDT Audio
iTunes
Java 7 Update 10 (64-bit)
Jewel Quest: The Sleepless Star - Collector's Edition
Junk Mail filter update
Mah Jong Medley
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery of Mortlake Mansion
Namco All-Stars: PAC-MAN
Penguins!
Pinnacle Winter Pack
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
REALTEK Wireless LAN Driver
Recovery Manager
RoxioNow Player
Seagate Manager Installer
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Slingo Supreme
Snap.Do
Spybot - Search & Destroy
SUPERAntiSpyware
SureThing Express Labeler
Synaptics Pointing Device Driver
TopArcadeHits
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update Installer for WildTangent Games App
Vacation Quest - The Hawaiian Islands
Virtual Villagers 5 - New Believers
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
Widevine Media Optimizer IE 6.0.0
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
8/29/2013 9:32:44 PM, Error: Service Control Manager [7000]  - The ConsumerInput Update Service (consumerinput_update) service failed to start due to the following error:  The system cannot find the file specified.
8/29/2013 9:31:39 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
8/29/2013 9:31:36 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
8/29/2013 9:30:30 PM, Error: Service Control Manager [7000]  - The vToolbarUpdater15.5.0 service failed to start due to the following error:  The system cannot find the file specified.
8/29/2013 9:30:30 PM, Error: Service Control Manager [7000]  - The vToolbarUpdater15.4.0 service failed to start due to the following error:  The system cannot find the file specified.
8/29/2013 9:29:09 PM, Error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.
8/29/2013 9:23:05 PM, Error: Service Control Manager [7030]  - The DefaultTabSearch service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
8/29/2013 9:11:12 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
8/29/2013 9:11:12 PM, Error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
8/29/2013 9:11:12 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
8/29/2013 9:11:11 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
8/29/2013 9:11:08 PM, Error: Service Control Manager [7031]  - The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
8/29/2013 9:11:08 PM, Error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error %%-1073473535.
8/29/2013 9:10:57 PM, Error: Service Control Manager [7034]  - The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).
8/29/2013 9:10:32 PM, Error: Service Control Manager [7000]  - The Search Protect by Conduit Updater service failed to start due to the following error:  The system cannot find the file specified.
8/29/2013 8:54:50 PM, Error: Service Control Manager [7034]  - The Search Protect by Conduit Updater service terminated unexpectedly.  It has done this 1 time(s).
8/29/2013 8:54:48 PM, Error: Service Control Manager [7034]  - The vToolbarUpdater15.5.0 service terminated unexpectedly.  It has done this 1 time(s).
.
==== End Of File ===========================

 

Link to post
Share on other sites

Hello joesgirl and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Step 1

Please uninstall the following applications:

AVG SafeGuard toolbar

Coupon Printer for Windows

Define Ext

Snap.Do

TopArcadeHits

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.
Step 4
  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log
Link to post
Share on other sites

Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.5 (08.28.2013:1)
OS: Windows 7 Home Premium x64
Ran by Kollasch Family on Fri 08/30/2013 at 17:42:46.77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\compete
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3298566
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{31346E34-1F87-4516-86DF-CDBDA63DC9DC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Kollasch Family\appdata\local\DefineExt"
Failed to delete: [Folder] "C:\Program Files (x86)\consumer input"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

 

~~~ Chrome

Successfully deleted: [Folder] C:\Users\Kollasch Family\appdata\local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh
Successfully deleted: [Folder] C:\Users\Kollasch Family\appdata\local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 08/30/2013 at 18:00:11.57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

# AdwCleaner v3.001 - Report created 29/08/2013 at 21:27:48
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Kollasch Family - KOLLASCHFAMILY
# Running from : C:\Users\Kollasch Family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PB85X7S\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : CltMngSvc
Service Deleted : DefaultTabSearch
Service Deleted : DefaultTabUpdate

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DefaultTab
Folder Deleted : C:\Program Files (x86)\optimizer pro
Folder Deleted : C:\Program Files (x86)\PricePeep
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Kollasch Family\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Kollasch Family\AppData\Local\Smartbar
Folder Deleted : C:\Users\KOLLAS~1\AppData\Local\Temp\Smartbar
Folder Deleted : C:\Users\Kollasch Family\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Kollasch Family\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Kollasch Family\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Kollasch Family\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\Kollasch Family\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Kollasch Family\AppData\Roaming\optimizer pro
Folder Deleted : C:\Users\Kollasch Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Folder Deleted : C:\Users\Kollasch Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Folder Deleted : C:\Users\Kollasch Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Folder Deleted : C:\Users\Kollasch Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\END
File Deleted : C:\Users\Kollasch Family\Desktop\Optimizer Pro.lnk

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PricePeep.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [searchProtectAll]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKCU\Software\5aed8dcb23fb913
Key Deleted : HKLM\SOFTWARE\5aed8dcb23fb913
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A57F7191-1E7F-4852-BAAF-F80A43E2687A}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{DBBBC528-9C8C-4051-9187-ED6F01A457C9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{DD7C44CC-0F60-4FD9-A38F-5CF30D698AC2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60260024-AA48-4A2F-84DA-2C2DCB24AAD0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD05B915-F77B-474A-9D42-9FEEAF5475C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7BAB653D-88FB-4F60-AFC2-8E6FD59FAFF3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A57F7191-1E7F-4852-BAAF-F80A43E2687A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C8758BC4-4581-48C7-BA38-C1A650477AE9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\SmartbarBackup
Key Deleted : HKCU\Software\SmartbarLog
Key Deleted : HKCU\Software\AppDataLow\Software\Compete
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\PricePeep
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\CompeteInc
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

-\\ Google Chrome v29.0.1547.62

[ File : C:\Users\Kollasch Family\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url

*************************

AdwCleaner[R0].txt - [15169 octets] - [29/08/2013 21:26:32]
AdwCleaner[s0].txt - [14633 octets] - [29/08/2013 21:27:48]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [14694 octets] ##########

Link to post
Share on other sites

This is from Today.....

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.30.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Kollasch Family :: KOLLASCHFAMILY [administrator]

8/30/2013 6:11:25 PM
mbam-log-2013-08-30 (18-11-25).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 216416
Time elapsed: 6 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Link to post
Share on other sites

Still having a few issues today --  I just ran a new JRT report

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.7 (09.01.2013:1)
OS: Windows 7 Home Premium x64
Ran by Kollasch Family on Wed 09/04/2013 at 16:07:23.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

Successfully stopped: [service] 24x7helpsvc
Successfully deleted: [service] 24x7helpsvc
Successfully stopped: [service] consumerinput_updatem
Successfully deleted: [service] consumerinput_updatem

 

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\24x7help
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\pcfixspeed

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\24x7help
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\compete
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3213415694-2829343129-4187582008-1001\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\24x7help
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\s
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{a957f04c-49f4-4375-8c8a-d04b769efe47}_is1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

 

~~~ Files

Successfully deleted: [File] "C:\Users\Public\Desktop\24x7 help.lnk"

 

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\pcfixspeed"
Successfully deleted: [Folder] "C:\Users\Kollasch Family\AppData\Roaming\24x7 help"
Successfully deleted: [Folder] "C:\Users\Kollasch Family\AppData\Roaming\pcfixspeed"
Successfully deleted: [Folder] "C:\Users\Kollasch Family\appdata\local\filetypeassistant"
Failed to delete: [Folder] "C:\Program Files (x86)\24x7help"
Failed to delete: [Folder] "C:\Program Files (x86)\consumer input"
Successfully deleted: [Folder] "C:\Program Files (x86)\pcfixspeed"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\24x7 help"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc fix speed"
Successfully deleted: [Empty Folder] C:\Users\Kollasch Family\appdata\local\{B4632648-C199-451B-8652-C357DBE4F76F}

 

~~~ Chrome

Successfully deleted: [Folder] C:\Users\Kollasch Family\appdata\local\Google\Chrome\User Data\Default\Extensions\gpdgdlcjhlbaphcjmagicjhhgfnkiihp

 

~~~ Event Viewer Logs were cleared

Link to post
Share on other sites

Most current Anti-Malware

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.04.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Kollasch Family :: KOLLASCHFAMILY [administrator]

9/4/2013 4:32:00 PM
mbam-log-2013-09-04 (16-32-00).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 115983
Time elapsed: 50 minute(s), 7 second(s) [aborted]

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 13
HKCR\AppID\{38495740-0035-4471-851E-F5BBB86AB085} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{35853321-818D-4B5D-AA6B-6C56DBBFEEE7} (PUP.Optional.WebProtect) -> Quarantined and deleted successfully.
HKCR\TypeLib\{F909BBB7-24F1-499C-88ED-CD8F8286A589} (PUP.Optional.WebProtect) -> Quarantined and deleted successfully.
HKCR\Interface\{8540A75D-34C4-4260-9DC0-839EC6BC76B4} (PUP.Optional.WebProtect) -> Quarantined and deleted successfully.
HKCR\WebProtect.WebProtect.1 (PUP.Optional.WebProtect) -> Quarantined and deleted successfully.
HKCR\WebProtect.WebProtect (PUP.Optional.WebProtect) -> Quarantined and deleted successfully.
HKCR\CLSID\{A1E28287-1A31-4b0f-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\AdwCleaner\Quarantine\C\Users\Kollasch Family\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe.vir (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Kollasch Family\AppData\Local\Temp\ICReinstall_SoftwareUpdateSetup.exe (PUP.Optional.Installcore) -> Quarantined and deleted successfully.
C:\Users\Kollasch Family\AppData\Local\Temp\SoftwareUpdateSetup.exe (PUP.Optional.Installcore) -> Quarantined and deleted successfully.

(end)

Link to post
Share on other sites

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Please tick the Scan All users. Next, click the Quick Scan button. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.
Link to post
Share on other sites

OTL logfile created on: 9/5/2013 6:42:47 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Kollasch Family\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.61 Gb Total Physical Memory | 1.41 Gb Available Physical Memory | 39.06% Memory free
7.21 Gb Paging File | 4.68 Gb Available in Paging File | 64.90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.78 Gb Total Space | 264.36 Gb Free Space | 59.04% Space Free | Partition Type: NTFS
Drive D: | 13.82 Gb Total Space | 1.54 Gb Free Space | 11.18% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.10 Gb Free Space | 27.79% Space Free | Partition Type: FAT32
 
Computer Name: KOLLASCHFAMILY | User Name: Kollasch Family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/09/05 06:42:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kollasch Family\Downloads\OTL.exe
PRC - [2013/07/23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/07/17 07:13:42 | 000,840,064 | ---- | M] () -- C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
PRC - [2013/07/12 18:51:20 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
PRC - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2013/07/01 01:46:26 | 004,411,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/06/15 19:58:28 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/05/21 18:52:16 | 000,103,992 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/04/08 14:01:16 | 000,586,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2011/04/08 14:01:16 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/28 15:02:40 | 001,867,464 | ---- | M] (Blockbuster) -- C:\Program Files (x86)\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe
PRC - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/09/25 23:31:32 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2009/01/26 16:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/07/17 07:13:42 | 000,840,064 | ---- | M] () -- C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/05/23 15:12:02 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2011/07/06 02:08:26 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/07/05 13:27:04 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010/12/17 06:41:36 | 000,276,992 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/10/11 04:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/07/23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/07/19 04:40:14 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/09/11 11:17:00 | 000,329,080 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\SupportSoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2011/06/28 18:12:08 | 002,413,056 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/06/21 17:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/05/21 18:52:16 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/04/08 14:01:16 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/28 15:02:40 | 001,867,464 | ---- | M] (Blockbuster) [Auto | Running] -- C:\Program Files (x86)\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe -- (Movielink Core Service)
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/09/04 16:04:16 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/07/20 01:51:00 | 000,311,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/07/20 01:50:56 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/07/20 01:50:56 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/07/20 01:50:50 | 000,206,648 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/07/10 01:32:38 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/07/01 01:45:28 | 000,116,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/21 03:08:24 | 000,240,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/09/22 16:42:02 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2011/09/22 16:42:02 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011/07/23 15:35:56 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/07/23 15:35:56 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/07/22 11:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 16:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/07/06 02:50:28 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/07/06 01:32:20 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/06/09 21:19:54 | 001,451,056 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/05/30 17:03:34 | 000,338,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/05/18 16:33:00 | 001,145,448 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2011/04/16 05:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/04/16 05:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010/12/17 06:41:36 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/11/30 17:02:54 | 000,412,264 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/29 19:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/17 11:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/07/28 11:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/02/18 11:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2005/09/24 00:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{B30D4E50-8150-4E58-9D39-5E5F37C1346B}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Kollasch Family\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kollasch Family\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kollasch Family\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2013/02/23 11:25:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{3dc44ced-412e-4dcb-9608-2960c94be9ab}: C:\Program Files (x86)\LyriXeeker\130.xpi
 
[2013/08/29 20:56:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kollasch Family\AppData\Roaming\Mozilla\Extensions
[2013/08/29 20:28:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/08/29 20:28:26 | 000,000,000 | ---D | M] (Define Ext) -- C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Users\Kollasch Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: No name found = C:\Users\Kollasch Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Kollasch Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: No name found = C:\Users\Kollasch Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Kollasch Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: No name found = C:\Users\Kollasch Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {2CEBF6C7-2B40-469B-B5D5-CD3F3676C3C4} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [setDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [{E9AE9B9A-A99F-AA8F-27E8-A8E99BAE8b85}] "C:\Program Files (x86)\U.S. Cellular Broadband Connect\AvqAutoRun.exe" "C:\Program Files (x86)\U.S. Cellular Broadband Connect\mphonetools.exe" /OnPlug=%s File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Kollasch Family\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [HP Deskjet 3510 series (NET)] C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: bodybugg.com ([application] https in Trusted sites)
O16:64bit: - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5B80D3B3-1E57-43F2-A5F5-D9C3050DDD7A}: DhcpNameServer = 192.168.0.1 205.171.3.25
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL) -  File not found
O20 - AppInit_DLLs: (c:\progra~2\optimi~1\optpro~1.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{acf7b1d4-510b-11e2-b21c-101f74c6babe}\Shell - "" = AutoRun
O33 - MountPoints2\{acf7b1d4-510b-11e2-b21c-101f74c6babe}\Shell\AutoRun\command - "" = G:\KODAK_Camera_Setup_App.exe
O33 - MountPoints2\{ccff3ccb-17dd-11e1-a573-101f74c6babe}\Shell - "" = AutoRun
O33 - MountPoints2\{ccff3ccb-17dd-11e1-a573-101f74c6babe}\Shell\AutoRun\command - "" = G:\MI.exe
O33 - MountPoints2\{fdeed98d-7a18-11e2-bae1-101f74c6babe}\Shell - "" = AutoRun
O33 - MountPoints2\{fdeed98d-7a18-11e2-bae1-101f74c6babe}\Shell\AutoRun\command - "" = G:\Start.exe
O33 - MountPoints2\{fdeed98d-7a18-11e2-bae1-101f74c6babe}\Shell\menu1\command - "" = G:\Start.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\MI.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/09/04 21:34:19 | 000,000,000 | ---D | C] -- C:\Users\Kollasch Family\Desktop\virus checks
[2013/09/04 17:33:22 | 000,000,000 | ---D | C] -- C:\Users\Kollasch Family\AppData\Local\FileTypeAssistant
[2013/09/04 16:04:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2013/09/04 16:04:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\24x7Help
[2013/09/03 17:49:40 | 000,000,000 | ---D | C] -- C:\Users\Kollasch Family\AppData\Local\Facebook
[2013/08/29 21:26:29 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/08/29 21:22:05 | 000,000,000 | ---D | C] -- C:\Users\Kollasch Family\AppData\Local\AVG SafeGuard toolbar
[2013/08/29 21:21:46 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
[2013/08/29 20:56:50 | 000,000,000 | ---D | C] -- C:\Users\Kollasch Family\AppData\Roaming\Mozilla
[2013/08/29 20:28:28 | 000,000,000 | ---D | C] -- C:\Users\Kollasch Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Define Ext
[2013/08/29 20:27:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\privoxy
[2013/08/29 20:26:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Web Protect
[2013/08/29 20:07:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/08/29 20:07:03 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/08/29 20:02:07 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/08/28 19:21:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/08/28 19:16:54 | 000,000,000 | ---D | C] -- C:\Users\Kollasch Family\AppData\Roaming\1O1L1I1PtF1F1C1N
[2013/08/28 19:16:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013/08/28 19:16:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013/08/28 19:15:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/08/28 18:42:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\File Type Assistant
[2013/08/28 18:40:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Consumer Input
[2013/08/28 18:39:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2013/08/28 18:39:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo Browser Settings
[2013/08/28 17:17:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seagate
[2013/08/25 19:02:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/08/25 19:02:18 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/08/25 19:02:18 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/08/25 19:02:18 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/08/22 08:55:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/08/14 09:48:35 | 000,000,000 | ---D | C] -- C:\Users\Kollasch Family\Desktop\Sherri's Workshop
[2013/08/14 09:31:09 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/08/14 09:31:08 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/08/14 09:31:06 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/08/14 09:31:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/08/14 09:31:06 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/08/14 09:31:06 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/08/14 09:31:06 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/08/14 09:31:06 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/08/14 09:31:06 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/08/14 09:31:06 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/08/14 09:31:06 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/08/14 09:31:03 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/08/14 09:31:03 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/08/14 09:31:02 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/08/14 09:31:02 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/08/14 09:18:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/08/14 08:17:44 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/08/14 08:17:43 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/08/14 08:17:42 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/08/14 08:17:20 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/08/14 08:17:20 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/08/14 08:17:17 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/08/14 08:17:16 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/08/14 08:17:15 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/08/14 08:17:15 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/08/14 08:17:14 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/08/14 08:17:14 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/08/14 08:17:14 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/08/14 08:17:14 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/08/14 08:17:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/08/14 08:17:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/08/14 08:17:11 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013/09/05 06:48:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/05 06:48:00 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\CIMT_S-1-5-21-3213415694-2829343129-4187582008-1001.job
[2013/09/05 06:46:00 | 000,000,988 | ---- | M] () -- C:\Windows\tasks\ConsumerInputUpdateTaskMachineUA.job
[2013/09/05 06:18:28 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3213415694-2829343129-4187582008-1001UA.job
[2013/09/05 06:18:28 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/05 06:18:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/05 02:54:01 | 000,000,968 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3213415694-2829343129-4187582008-1001UA.job
[2013/09/05 02:15:03 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForKollasch Family.job
[2013/09/04 21:54:13 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/04 21:54:13 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/04 21:53:21 | 000,727,310 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/09/04 21:53:21 | 000,624,856 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/09/04 21:53:21 | 000,106,942 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/09/04 21:46:11 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/04 21:46:09 | 000,000,984 | ---- | M] () -- C:\Windows\tasks\ConsumerInputUpdateTaskMachineCore.job
[2013/09/04 21:46:09 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013/09/04 21:45:56 | 2904,219,648 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/04 18:56:01 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3213415694-2829343129-4187582008-1001Core.job
[2013/09/04 17:54:01 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3213415694-2829343129-4187582008-1001Core.job
[2013/09/04 16:04:16 | 000,045,856 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/09/04 16:04:10 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\Optimize Your PC.lnk
[2013/09/04 16:03:34 | 000,001,171 | ---- | M] () -- C:\Users\Kollasch Family\Desktop\Continue Adobe Shockwave Player Free Download Installation.lnk
[2013/09/04 08:26:39 | 000,392,797 | ---- | M] () -- C:\Users\Kollasch Family\Documents\PartyMarketingFlyerfw2013.pdf
[2013/09/03 07:06:49 | 000,044,385 | ---- | M] () -- C:\Users\Kollasch Family\Desktop\marit-2.jpg
[2013/09/03 07:06:37 | 000,078,432 | ---- | M] () -- C:\Users\Kollasch Family\Desktop\marit-1.jpg
[2013/08/29 21:22:45 | 000,000,258 | RHS- | M] () -- C:\Users\Kollasch Family\ntuser.pol
[2013/08/29 20:55:41 | 000,002,377 | ---- | M] () -- C:\Users\Kollasch Family\Desktop\Search.lnk
[2013/08/29 20:07:05 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/08/28 19:21:20 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/08/28 19:15:18 | 000,001,171 | ---- | M] () -- C:\Users\Kollasch Family\Desktop\Continue Adobe Reader Free Download Installation.lnk
[2013/08/28 17:18:00 | 000,002,148 | ---- | M] () -- C:\Users\Public\Desktop\Seagate Manager.lnk
[2013/08/25 19:02:54 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/08/25 18:13:30 | 000,080,413 | ---- | M] () -- C:\Users\Kollasch Family\Desktop\Chelsea-ellis.jpg
[2013/08/24 08:53:16 | 000,029,661 | ---- | M] () -- C:\Users\Kollasch Family\Desktop\TS-Partystyle.jpg
[2013/08/22 10:45:01 | 000,019,529 | ---- | M] () -- C:\Users\Kollasch Family\Desktop\beth-bird.jpg
[2013/08/22 08:55:56 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/08/22 08:30:22 | 000,030,457 | ---- | M] () -- C:\Users\Kollasch Family\Desktop\dietitian_farley2.jpg
[2013/08/21 22:41:12 | 000,765,056 | ---- | M] () -- C:\Users\Kollasch Family\Desktop\FallFamilyMealsMaster.pdf
[2013/08/20 21:23:38 | 002,915,351 | ---- | M] () -- C:\Users\Kollasch Family\Desktop\Date Mug.JPG
[2013/08/20 21:23:16 | 002,613,942 | ---- | M] () -- C:\Users\Kollasch Family\Desktop\Mug-Masters Mug.JPG
[2013/08/20 21:20:56 | 002,615,548 | ---- | M] () -- C:\Users\Kollasch Family\Desktop\initial_mug.JPG
[2013/08/14 10:25:03 | 000,022,382 | ---- | M] () -- C:\Users\Kollasch Family\Desktop\GoodbyeandWelcom.jpg
[2013/08/14 10:25:02 | 000,027,927 | ---- | M] () -- C:\Users\Kollasch Family\Desktop\New looks.jpg
[2013/08/14 10:20:55 | 000,021,102 | ---- | M] () -- C:\Users\Kollasch Family\Desktop\Give Away Gluten.jpg
[2013/08/14 10:08:35 | 000,105,040 | ---- | M] () -- C:\Users\Kollasch Family\Desktop\Lorens-decals.jpg
[2013/08/13 08:42:12 | 003,413,036 | ---- | M] () -- C:\Users\Kollasch Family\Desktop\Facebook Marketing tips.pdf
 
========== Files Created - No Company Name ==========
 
[2013/09/04 16:04:10 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\Optimize Your PC.lnk
[2013/09/04 16:03:34 | 000,001,171 | ---- | C] () -- C:\Users\Kollasch Family\Desktop\Continue Adobe Shockwave Player Free Download Installation.lnk
[2013/09/04 08:26:39 | 000,392,797 | ---- | C] () -- C:\Users\Kollasch Family\Documents\PartyMarketingFlyerfw2013.pdf
[2013/09/03 17:49:45 | 000,000,968 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3213415694-2829343129-4187582008-1001UA.job
[2013/09/03 17:49:45 | 000,000,946 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3213415694-2829343129-4187582008-1001Core.job
[2013/09/03 07:06:49 | 000,044,385 | ---- | C] () -- C:\Users\Kollasch Family\Desktop\marit-2.jpg
[2013/09/03 07:06:37 | 000,078,432 | ---- | C] () -- C:\Users\Kollasch Family\Desktop\marit-1.jpg
[2013/08/29 20:57:19 | 000,000,258 | RHS- | C] () -- C:\Users\Kollasch Family\ntuser.pol
[2013/08/29 20:55:41 | 000,002,475 | ---- | C] () -- C:\Users\Kollasch Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
[2013/08/29 20:55:41 | 000,002,377 | ---- | C] () -- C:\Users\Kollasch Family\Desktop\Search.lnk
[2013/08/29 20:07:05 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/08/28 19:21:20 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/08/28 19:21:19 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/08/28 19:15:18 | 000,001,171 | ---- | C] () -- C:\Users\Kollasch Family\Desktop\Continue Adobe Reader Free Download Installation.lnk
[2013/08/28 18:41:56 | 000,000,380 | ---- | C] () -- C:\Windows\tasks\CIMT_S-1-5-21-3213415694-2829343129-4187582008-1001.job
[2013/08/28 18:41:06 | 000,000,988 | ---- | C] () -- C:\Windows\tasks\ConsumerInputUpdateTaskMachineUA.job
[2013/08/28 18:41:04 | 000,000,984 | ---- | C] () -- C:\Windows\tasks\ConsumerInputUpdateTaskMachineCore.job
[2013/08/28 17:18:00 | 000,002,148 | ---- | C] () -- C:\Users\Public\Desktop\Seagate Manager.lnk
[2013/08/25 19:02:54 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/08/25 18:14:01 | 000,080,413 | ---- | C] () -- C:\Users\Kollasch Family\Desktop\Chelsea-ellis.jpg
[2013/08/24 08:53:31 | 000,029,661 | ---- | C] () -- C:\Users\Kollasch Family\Desktop\TS-Partystyle.jpg
[2013/08/22 10:45:26 | 000,019,529 | ---- | C] () -- C:\Users\Kollasch Family\Desktop\beth-bird.jpg
[2013/08/22 08:33:19 | 000,030,457 | ---- | C] () -- C:\Users\Kollasch Family\Desktop\dietitian_farley2.jpg
[2013/08/21 22:41:12 | 000,765,056 | ---- | C] () -- C:\Users\Kollasch Family\Desktop\FallFamilyMealsMaster.pdf
[2013/08/20 21:23:38 | 002,915,351 | ---- | C] () -- C:\Users\Kollasch Family\Desktop\Date Mug.JPG
[2013/08/20 21:23:17 | 002,613,942 | ---- | C] () -- C:\Users\Kollasch Family\Desktop\Mug-Masters Mug.JPG
[2013/08/20 21:20:56 | 002,615,548 | ---- | C] () -- C:\Users\Kollasch Family\Desktop\initial_mug.JPG
[2013/08/14 11:43:14 | 000,022,382 | ---- | C] () -- C:\Users\Kollasch Family\Desktop\GoodbyeandWelcom.jpg
[2013/08/14 11:42:56 | 000,027,927 | ---- | C] () -- C:\Users\Kollasch Family\Desktop\New looks.jpg
[2013/08/14 10:25:47 | 000,021,102 | ---- | C] () -- C:\Users\Kollasch Family\Desktop\Give Away Gluten.jpg
[2013/08/14 10:08:34 | 000,105,040 | ---- | C] () -- C:\Users\Kollasch Family\Desktop\Lorens-decals.jpg
[2013/08/13 08:42:12 | 003,413,036 | ---- | C] () -- C:\Users\Kollasch Family\Desktop\Facebook Marketing tips.pdf
[2013/02/23 11:20:24 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011/12/30 13:44:30 | 000,001,554 | -HS- | C] () -- C:\Users\Kollasch Family\AppData\Local\1p0otr640ox8p072eulh
[2011/12/30 13:44:30 | 000,001,554 | -HS- | C] () -- C:\ProgramData\1p0otr640ox8p072eulh
[2011/12/29 21:52:20 | 000,000,501 | ---- | C] () -- C:\Program Files (x86)\1229201120522004.bat
[2011/12/29 17:11:05 | 000,000,492 | ---- | C] () -- C:\Program Files (x86)\1229201116110560.bat
[2011/11/25 12:09:43 | 000,743,534 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== ZeroAccess Check ==========
 
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 00:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 23:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:403264CC
@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:882DBBF0
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:099A451B
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:3612C9BE

< End of report >

Link to post
Share on other sites

OTL Extras logfile created on: 9/5/2013 6:42:47 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Kollasch Family\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.61 Gb Total Physical Memory | 1.41 Gb Available Physical Memory | 39.06% Memory free
7.21 Gb Paging File | 4.68 Gb Available in Paging File | 64.90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.78 Gb Total Space | 264.36 Gb Free Space | 59.04% Space Free | Partition Type: NTFS
Drive D: | 13.82 Gb Total Space | 1.54 Gb Free Space | 11.18% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.10 Gb Free Space | 27.79% Space Free | Partition Type: FAT32
 
Computer Name: KOLLASCHFAMILY | User Name: Kollasch Family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0716D938-603E-4BC6-AB60-CB34DB910CC4}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{25C5936F-6E99-48D3-9C73-A9DD87898E63}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2C000BC5-7584-4DE3-A2FF-C685931A2AF7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2F6A0B96-D18A-49DB-BFE4-FFDE622D7834}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4950ED03-3633-4551-9527-8C9592DC7A8E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{4CA3ABC0-7FDE-43B2-BA85-0A77C72ABC9D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{535991AC-8FB9-47DB-97BB-123CDEA72215}" = lport=139 | protocol=6 | dir=in | app=system |
"{5CCB5150-EF91-4846-A335-70F14D6BB3F2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{707F6F5B-BFB3-4CB0-898C-8A2C8C3E5348}" = rport=139 | protocol=6 | dir=out | app=system |
"{79F0B876-6D58-4170-8022-1180BB4A29C0}" = rport=137 | protocol=17 | dir=out | app=system |
"{7DA3EFD0-94C0-4A75-AB89-109453A8AFFB}" = lport=138 | protocol=17 | dir=in | app=system |
"{7F0153C8-CC29-47ED-86DB-87F488E8C888}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8544E60C-2F52-4E6A-9B86-8502C3A01F52}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8FE5F8FA-994C-429E-AFED-48D09AF2D78F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9648FD13-5AD7-438C-BAF6-D454ADFA9704}" = lport=10243 | protocol=6 | dir=in | app=system |
"{970B6B17-55C2-4542-84EE-FAB0CFC5AA36}" = lport=137 | protocol=17 | dir=in | app=system |
"{9B790A59-AC80-4C21-974E-CB26447F0144}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A143F79D-6BE5-45E5-8BA1-65AE2212AB41}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A5231A33-E103-4122-9A43-13EB68B98A24}" = lport=445 | protocol=6 | dir=in | app=system |
"{A6F0612C-5EB9-4631-972E-CB3FC41B3A3E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{ACBDE7C6-3872-4665-A5D4-DB0B6F160CA5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B2769CC8-52A3-46DA-BCC0-6CC2B6276E69}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D3625AD8-4BD3-47CE-B941-599F32BFF9EE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E9A36DB3-B079-426C-ACA6-3403C593A871}" = rport=445 | protocol=6 | dir=out | app=system |
"{F0153061-D531-44A0-A4C1-35640AF72ADB}" = rport=138 | protocol=17 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0653F3BA-4C55-4F5B-B620-06628CE0245A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{09FFA764-F1C2-40D5-8E83-60AF33158028}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{0A652E38-97E5-4585-8010-F86FF6438737}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0EC0A1B2-A065-4448-BA8A-57E81A247FB1}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{143CDD6B-97B1-41EB-B3C7-A63B960D6AE7}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe |
"{198A9953-D3F6-4B08-A010-F5F1262B6645}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{1A17D018-45C9-4615-9296-6EAD14769B82}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{2A6324D6-A250-4A19-B08A-24F88F183751}" = protocol=6 | dir=out | app=system |
"{2DA78684-DFA4-4DB0-AE91-94B6DECE8D33}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe |
"{2FC5B989-A17C-4C46-BB5C-5BD7BE1B955D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{359F87ED-3FCD-4A9E-B3B9-AFB1E230FCF7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{3C69A064-D349-42D6-A582-17C7DB635F1D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3D5CDC3E-6554-41C1-87F7-20F518239E98}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{40091664-2800-4C24-BA90-D03C6817B147}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe |
"{41002F14-1C14-4E85-9364-40573DB31AAE}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{427A7226-033C-4BBE-BBB4-8061C8CF6A25}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe |
"{437C81E5-E434-453C-B3BC-B02521760057}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4C30B963-AD91-4355-A144-400FB336D383}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{4D64B90A-57F5-45F6-9CFE-64F7C8E4A155}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{5998DB5E-DC75-45D9-BE53-6B4955E45513}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{59CA5D7D-E4E0-42F7-822F-AC4DCCEC19C3}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{5C7048F6-644A-4ADE-9FA8-8F0F482650FD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{5F455863-1F01-4BF1-A537-19FDD629CD8C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{6355CC00-130A-4BFC-BBFE-A516BD9CA954}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{68BA4372-B2EB-451D-9785-46D8D6A1FFCD}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\devicesetup.exe |
"{6D47D3E2-26B5-4726-97DE-6401FE758E98}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6FCAE474-0DD4-4D40-AECD-185C41B53121}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{70174A77-01E1-4857-87D5-1EA3D823A097}" = protocol=17 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |
"{72C0F6FA-2E35-42D8-BFEA-13ECB3770889}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{7E146D01-9E46-4A76-B6F3-F7B3AABDB4A7}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicator.exe |
"{83FF5697-BD5D-4A30-B485-AC3F3BA44A4B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8B2A09BC-1A20-4152-BC42-097B4E4F9331}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{8C92C38F-800A-4220-B4E1-7465D3F24472}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8DC5AEC8-6648-4C5B-A3C1-D336460ADD2D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{8E01F157-649C-4F40-B621-D7531B20A8FA}" = protocol=6 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |
"{94405B16-5238-415E-B51E-42892AF61D26}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9BC7C348-0385-4EA0-9D74-5A78FC8FF6D8}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9EF3F06C-3616-4703-BB6D-E3D3F1954EB9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9F942C32-6E47-4C75-A80C-9A43BF260515}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{A62FD048-5B92-4B16-A43D-88E7ACDBF2B4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AC77D08F-9368-4A52-B2D9-FD37B7B7E88A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B9CABB53-0610-4E79-BF51-227213603605}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe |
"{BA45F3A0-9F34-45F4-94FC-ACAE4EC84403}" = dir=in | app=c:\users\kollasch family\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{BD68C36E-A25B-4D40-954F-39B9F9CA3EFE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C00BD5D4-7A9C-422E-9173-67CB3DCFB129}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CA12BCF3-DEED-47E0-862C-4A10D4A9C7B6}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe |
"{CADF9CE1-B7CA-4D96-9CE4-3C609206DB4D}" = dir=in | app=c:\program files (x86)\file type assistant\tsassist.exe |
"{CE5B9477-A194-4F72-BE83-61B61D8934FC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D8AD3454-BF19-45DF-8748-D2817FD947C9}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{E5A4D4F8-4D3D-4674-A719-689699F70367}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicatorcom.exe |
"{EE12189A-3AA1-43F7-A06E-89C7AC914702}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{EE92E1FF-8372-4357-A5C7-8878232AF769}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{EFE48564-8F85-498F-9389-A227646F47E3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F72EF080-9188-4893-AB62-07493D070811}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F8EA8696-6640-4EAC-87FA-311E0C83C9B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F91622B5-137F-4E52-87D0-3CA5DD24E345}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FB31194F-2B2C-4EE0-9DEA-152DE3716BA9}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{FC1AAD97-3950-4E40-99B0-B67F4A697908}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"TCP Query User{0203EDF2-50B1-4A52-9820-A9A1C1121A75}C:\windows\syswow64\svchost.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\svchost.exe |
"TCP Query User{8A1879ED-962A-47EC-9063-E87F95A6CD41}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"UDP Query User{75083553-776F-4500-9175-8FD50D562484}C:\windows\syswow64\svchost.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\svchost.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0AB0989D-2EBF-4772-830A-B370E0D7ED71}" = HP Deskjet 3510 series Basic Device Software
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series" = Canon MP280 series MP Drivers
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86417010FF}" = Java 7 Update 10 (64-bit)
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{2CFC157D-6224-4072-9732-54DD8C07F334}" = HP Deskjet 3510 series Product Improvement Study
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{427174C0-096E-40D9-9684-9C109BEE2CBF}" = iTunes
"{48C46F0E-7B86-AC31-ACFC-2B40F1C90ACE}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4FF9E8AA-D554-4CE7-89F9-B69DAA5A1E98}" = AVG 2013
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6153098B-60DB-6A9F-EA0F-B006A96B57D5}" = ATI Catalyst Install Manager
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6B02D047-A56D-4994-B1F1-53DA6B9885AB}" = AVG 2013
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CAB2212-0732-4827-8EC4-61D8EF0AA65B}" = HP Launch Box
"{AADE02D5-DCBF-04C3-CD05-ABA83D28BC4A}" = AMD Fuel
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DBA2849B-6C95-9FD2-7ACC-BF456F1958AA}" = AMD Media Foundation Decoders
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2013
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EDEB615-1A60-425E-8306-0E10519C7B55}" = RoxioNow Player
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{15412249-0AFA-D2A1-E7E2-E57AE1A96781}" = CCC Help Swedish
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19EAB36E-A979-0870-F58F-6F4F34017D29}" = CCC Help Chinese Traditional
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2070F457-B044-FCEE-B6DA-CB2C12CD76A5}" = CCC Help German
"{224CA902-F494-FD2A-4211-771454ED464B}" = CCC Help English
"{22E23DF0-7FAE-4DA2-9DA2-45B984AA742C}_is1" = CenturyLink QuickAssist Desktop Tools
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{252FC4D1-4056-7237-6B19-4C66D0CF45A9}" = CCC Help Dutch
"{25F3EC6C-BB03-4CEB-B36C-E656A9DD149E}" = HP Documentation
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3BE2E4AA-C164-FEB5-6C82-BBBC90C88915}" = CCC Help Hungarian
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{44D822AA-DA6D-1915-4B64-60D06AE613CE}" = CCC Help Danish
"{4A917E5E-2567-C01E-7F41-AF09DAE523A1}" = AMD VISION Engine Control Center
"{5036764A-435D-40C9-869C-31085A3D741D}" = HP Setup
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5377D0E6-0B77-5C94-A3F8-2A7C0E5791A1}" = CCC Help French
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5FE625A7-E8D6-2E41-4693-F6AC6310C467}" = CCC Help Polish
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{67330878-0617-41A9-A3B0-B5298E89E7BC}" = Pinnacle Winter Pack
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6C302296-6129-4125-9FD6-2188ECD8814E}" = HP Software Framework
"{6F076041-F337-5F67-75E7-6C1324D43EC6}" = CCC Help Japanese
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7FA82763-D04B-A656-159B-BD8847176377}" = CCC Help Russian
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{872B1C80-38EC-4A31-A25C-980820593900}" = HP Power Manager
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{955CB8C1-F5F9-B649-FC65-FD65F9EC0459}" = CCC Help Korean
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{97C1C98D-6AE5-4C71-9B00-EBBD9E014450}" = HP Deskjet 3510 series Help
"{97E33108-2206-087B-9399-29F5201AAC98}" = CCC Help Portuguese
"{999164B6-5B78-4DD3-BACE-7292640AD0DD}" = HP QuickWeb
"{9B3CC933-5EF7-A868-7B74-1A227394566E}" = CCC Help Finnish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A1ACD45F-0D8E-0566-0EC0-530CDCD7E8F4}" = Catalyst Control Center Graphics Previews Common
"{A3D1D38D-9C85-7BEB-5AC8-EC2D90E2882A}" = CCC Help Czech
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A440179F-D169-B9DA-B478-6CE97FDB3D4C}" = CCC Help Greek
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{ABEF00D0-FCAE-4E47-8D4E-D4AE5FD72B15}" = HP Quick Launch
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B898ABBB-4723-84B5-04C4-32A15F9DBD48}" = CCC Help Chinese Standard
"{B91459FD-63A9-71E3-68F1-82352B0892B3}" = Catalyst Control Center Localization All
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B976E52C-93A3-5CD1-FF67-658877850EDD}" = CCC Help Italian
"{BEDC570A-C947-D0C8-3014-A1EAA042779D}" = CCC Help Turkish
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C2EE0EA6-826F-63EA-8751-E2F3714DBA40}" = CCC Help Thai
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant
"{CA72A82C-7DBC-4814-8CCB-E5BFAC59FAEF}" = ArcSoft MediaImpression for Kodak
"{CB706270-54EA-4E48-9FFB-0B95FA04DBE6}" = bodybugg Software
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7670221-BF9B-4DFF-B26B-5BE55A87329F}" = HP On Screen Display
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5441D19-417C-8C34-3F31-CCBD563C946E}" = Catalyst Control Center InstallProxy
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E96CAA2A-0244-4A2A-8403-0C3C9534778B}" = ESU for Microsoft Windows 7 SP1
"{EA8CC2F2-BC30-141C-92B6-CC870B4B2977}" = CCC Help Spanish
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F30403FF-0146-4633-AAC5-D5CD5C50AE70}" = Catalyst Control Center - Branding
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.3
"{F7B34B38-02A6-44D5-B8CC-06EB3B8ACFC9}_is1" = PC Fix Speed 1.2.0.25
"{F8FBF4C7-5ADA-66B1-6509-09E05C257963}" = CCC Help Norwegian
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"Consumer Input Installer" = Consumer Input (remove only)
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{25F31730-1B6C-4E8E-A3B9-818DC0CD961D}" = Seagate Manager Installer
"InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"InstallShield_{CB706270-54EA-4E48-9FFB-0B95FA04DBE6}" = bodybugg Software
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Movielink Manager" = BLOCKBUSTER Movielink
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"stax-Pinnacle_is1" = SureThing Express Labeler
"Trusted Software Assistant_is1" = File Type Assistant
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WTA-040f9784-63f3-4f3e-bd40-1f2a0d8ba6c3" = Mystery of Mortlake Mansion
"WTA-04313254-a794-4c26-9c59-99d35637cc4a" = Poker Superstars III
"WTA-0f534765-bc84-4ade-9cae-c8e928af7749" = FATE
"WTA-0fc7fff4-9218-4898-bd6c-0011c82f799d" = Namco All-Stars: PAC-MAN
"WTA-1a4cf227-ef37-4f42-ad9b-e444dd09c946" = Zuma Deluxe
"WTA-1ee7d6ce-d3d1-46f9-a78a-3bc763fcda9a" = Plants vs. Zombies - Game of the Year
"WTA-32458b74-cad2-46f4-850c-a53230b6e2f7" = Cake Mania
"WTA-337e8765-baaf-4d1b-926a-8a82e5f12da5" = Vacation Quest - The Hawaiian Islands
"WTA-407d98c4-18fc-4ef7-9a97-5a0f2d41b8b5" = Slingo Supreme
"WTA-474094c4-3a4a-4ab9-84af-696becc4a8ee" = Chronicles of Albian
"WTA-4d373d96-4703-490f-9b29-6c81c5d101ab" = Virtual Villagers 5 - New Believers
"WTA-50b62549-7aac-49f1-a53c-6e4e9cd8f102" = Bounce Symphony
"WTA-547178c5-1c36-4c48-b086-f8c624ad8436" = Polar Golfer
"WTA-6eb48837-6c85-43b7-8d75-8665dc4d8c00" = Cradle of Rome 2
"WTA-7108fa79-639f-429d-8b6f-0eef5dbfeec7" = Bejeweled 3
"WTA-799782d6-41a5-4b59-886b-3a656cfdd83f" = Penguins!
"WTA-7e99e67d-5ac1-4b86-94d3-2641f000878c" = Blackhawk Striker 2
"WTA-9082177a-eff6-4fc1-a3fa-a08db2a4da78" = Agatha Christie - Peril at End House
"WTA-960f3a8e-e3b7-4af9-b4d2-6ef888e120e2" = Farm Frenzy
"WTA-9c1fc5cb-3521-464e-b3f7-8ee2e9b25bbf" = Mah Jong Medley
"WTA-a9cd5358-027c-41a9-8c8d-3b4af2c8c7e8" = Chuzzle Deluxe
"WTA-c82b8bad-2c52-469e-bcce-b952cd161642" = Polar Bowler
"WTA-d0695586-6f54-4021-bb3a-dc5d458bb041" = Governor of Poker 2 Premium Edition
"WTA-da2aa372-86b7-4a5a-90f4-2a11efffa968" = Blasterball 3
"WTA-f1ca1cd9-ae6d-48bb-b8bb-f747d5df9934" = Jewel Quest: The Sleepless Star - Collector's Edition
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Reader Free Download Packages" = Adobe Reader Free Download Packages
"Amazon Kindle" = Amazon Kindle
"Define Ext" = Define Ext
"optimizer_ie" = Widevine Media Optimizer IE 6.0.0
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 9/4/2013 6:27:40 PM | Computer Name = KollaschFamily | Source = WinMgmt | ID = 10
Description =
 
Error - 9/4/2013 8:07:03 PM | Computer Name = KollaschFamily | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
 - search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8.  The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.
 
Error - 9/4/2013 10:46:34 PM | Computer Name = KollaschFamily | Source = WinMgmt | ID = 10
Description =
 
Error - 9/5/2013 1:32:30 AM | Computer Name = KollaschFamily | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
 - search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8.  The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.
 
[ Hewlett-Packard Events ]
Error - 11/21/2012 8:07:47 PM | Computer Name = KollaschFamily | Source = HPSF.exe | ID = 4000
Description =
 
Error - 11/21/2012 8:31:56 PM | Computer Name = KollaschFamily | Source = HPSF.exe | ID = 4000
Description =
 
Error - 11/21/2012 8:44:41 PM | Computer Name = KollaschFamily | Source = HPSF.exe | ID = 4000
Description =
 
Error - 11/21/2012 8:45:30 PM | Computer Name = KollaschFamily | Source = HPSF.exe | ID = 4000
Description =
 
Error - 11/21/2012 11:21:40 PM | Computer Name = KollaschFamily | Source = HPSF.exe | ID = 4000
Description =
 
Error - 11/21/2012 11:44:28 PM | Computer Name = KollaschFamily | Source = HPSF.exe | ID = 4000
Description =
 
Error - 11/21/2012 11:45:03 PM | Computer Name = KollaschFamily | Source = HPSF.exe | ID = 4000
Description =
 
Error - 11/21/2012 11:45:42 PM | Computer Name = KollaschFamily | Source = HPSF.exe | ID = 4000
Description =
 
Error - 11/21/2012 11:46:35 PM | Computer Name = KollaschFamily | Source = HPSF.exe | ID = 4000
Description =
 
Error - 11/21/2012 11:47:23 PM | Computer Name = KollaschFamily | Source = HPSF.exe | ID = 4000
Description =
 
[ System Events ]
Error - 9/4/2013 6:27:57 PM | Computer Name = KollaschFamily | Source = DCOM | ID = 10016
Description =
 
Error - 9/4/2013 6:29:00 PM | Computer Name = KollaschFamily | Source = Service Control Manager | ID = 7000
Description = The ConsumerInput Update Service (consumerinput_update) service failed
 to start due to the following error:   %%2
 
Error - 9/4/2013 10:44:29 PM | Computer Name = KollaschFamily | Source = DCOM | ID = 10010
Description =
 
Error - 9/4/2013 10:44:34 PM | Computer Name = KollaschFamily | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
 error:   %%5
 
Error - 9/4/2013 10:45:09 PM | Computer Name = KollaschFamily | Source = Service Control Manager | ID = 7043
Description = The AVGIDSAgent service did not shut down properly after receiving
 a preshutdown control.
 
Error - 9/4/2013 10:46:26 PM | Computer Name = KollaschFamily | Source = Service Control Manager | ID = 7000
Description = The vToolbarUpdater15.4.0 service failed to start due to the following
 error:   %%2
 
Error - 9/4/2013 10:46:26 PM | Computer Name = KollaschFamily | Source = Service Control Manager | ID = 7000
Description = The vToolbarUpdater15.5.0 service failed to start due to the following
 error:   %%2
 
Error - 9/4/2013 10:47:09 PM | Computer Name = KollaschFamily | Source = DCOM | ID = 10016
Description =
 
Error - 9/4/2013 10:47:31 PM | Computer Name = KollaschFamily | Source = DCOM | ID = 10016
Description =
 
Error - 9/4/2013 10:48:46 PM | Computer Name = KollaschFamily | Source = Service Control Manager | ID = 7000
Description = The ConsumerInput Update Service (consumerinput_update) service failed
 to start due to the following error:   %%2
 
 
< End of report >

Link to post
Share on other sites

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL

    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{3dc44ced-412e-4dcb-9608-2960c94be9ab}: C:\Program Files (x86)\LyriXeeker\130.xpi

    [2013/08/29 20:28:26 | 000,000,000 | ---D | M] (Define Ext) -- C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com

    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.

    [2013/09/04 16:04:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar

    :files

    C:\Program Files (x86)\LyriXeeker

    ipconfig /flushdns /c

    :Commands

    [emptytemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Please post the OTL fix log in your next reply.
Note: A copy of an OTL fix log is saved in a text file at C:\_OTL\MovedFiles
Link to post
Share on other sites

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{3dc44ced-412e-4dcb-9608-2960c94be9ab} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3dc44ced-412e-4dcb-9608-2960c94be9ab}\ not found.
File C:\Program Files (x86)\LyriXeeker\130.xpi not found.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\windows\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\windows\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\windows\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\windows\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\windows\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\windows\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\windows\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\windows\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\windows scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\window\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\window\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\window\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\window\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\window\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\window\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\window\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\window\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\window scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\utils\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\utils\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\utils\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\utils\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\utils\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\utils\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\utils\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\utils\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\utils scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\traits\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\traits\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\traits\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\traits\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\traits\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\traits\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\traits\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\traits\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\traits scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\tabs\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\tabs\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\tabs\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\tabs\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\tabs\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\tabs\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\tabs\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\tabs\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\tabs scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\system\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\system\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\system\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\system\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\system\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\system\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\system\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\system\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\system scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\l10n\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\l10n\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\l10n\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\l10n\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\l10n\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\l10n\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\l10n\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\l10n\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\l10n scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\events\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\events\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\events\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\events\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\events\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\events\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\events\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\events\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\events scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\event\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\event\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\event\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\event\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\event\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\event\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\event\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\event\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\event scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\dom\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\dom\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\dom\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\dom\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\dom\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\dom\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\dom\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\dom\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\dom scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\content\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\content\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\content\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\content\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\content\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\content\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\content\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\content\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\content scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\addon\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\addon\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\addon\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\addon\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\addon\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\addon\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\addon\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\addon\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\addon scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\lib scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\data\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\data\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\data\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\data\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\data\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\data\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\data\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\data\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\data scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\api-utils scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\lib\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\lib\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\lib\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\lib\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\lib\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\lib\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\lib\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\lib\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\lib scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\data\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\data\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\data\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\data\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\data\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\data\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\data\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\data\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\data scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\addon-kit scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\tests\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\tests\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\tests\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\tests\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\tests\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\tests\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\tests\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\tests\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\tests scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\lib\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\lib\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\lib\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\lib\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\lib\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\lib\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\lib\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\lib\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\lib scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\data\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\data\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\data\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\data\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\data\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\data\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\data\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\data\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\data scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\a scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\resources scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\locale\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\locale\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\locale\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\locale\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\locale\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\locale\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\locale\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\locale\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\locale scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\defaults\preferences\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\defaults\preferences\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\defaults\preferences\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\defaults\preferences\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\defaults\preferences\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\defaults\preferences\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\defaults\preferences\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\defaults\preferences\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\defaults\preferences scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\defaults\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\defaults\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\defaults\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\defaults\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\defaults\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\defaults\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\defaults\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\defaults\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\defaults scheduled to be moved on reboot.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\.svn\tmp\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\.svn\tmp\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\.svn\tmp\prop-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\.svn\tmp folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\.svn\text-base folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\.svn\props folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\.svn\prop-base folder moved successfully.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com\.svn scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com scheduled to be moved on reboot.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ not found.
Folder C:\Program Files (x86)\AVG SafeGuard toolbar\ not found.
========== FILES ==========
File\Folder C:\Program Files (x86)\LyriXeeker not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Kollasch Family\Downloads\cmd.bat deleted successfully.
C:\Users\Kollasch Family\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Kollasch Family
->Temp folder emptied: 130806779 bytes
->Temporary Internet Files folder emptied: 213239096 bytes
->Java cache emptied: 2395863 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 506 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1844321 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 37400 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42323425 bytes
RecycleBin emptied: 1008610 bytes
 
Total Files Cleaned = 374.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 09062013_154028
 

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.