sunnyjones3

Posts posted by sunnyjones3

  1. All processes killed

    Error: Unable to interpret <IE:64bit: - HKLM\..\SearchScopes,DefaultScope => in the current context!

    Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultScope => in the current context!

    Error: Unable to interpret <IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope => in the current context!

    Error: Unable to interpret <IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope => in the current context!

    Error: Unable to interpret <IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope => in the current context!

    Error: Unable to interpret <IE - HKU\S-1-5-21-3993016273-2347322539-148929479-1002\..\SearchScopes,DefaultScope => in the current context!

    Error: Unable to interpret <FF - user.js - File not found> in the current context!

    Error: Unable to interpret <[2013/04/22 19:55:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sunnyjones\AppData\Roaming\Mozilla\Extensions> in the current context!

    Error: Unable to interpret <[2013/08/16 21:07:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sunnyjones\AppData\Roaming\Mozilla\Firefox\Profiles\74v95my7.default\extensions> in the current context!

    Error: Unable to interpret <[2013/05/27 20:47:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser> in the current context!

    Error: Unable to interpret <O4 - HKU\.DEFAULT..\RunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" File not found> in the current context!

    Error: Unable to interpret <O4 - HKU\S-1-5-18..\RunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" File not found> in the current context!

    Error: Unable to interpret <O1364bit: - gopher Prefix: missing> in the current context!

    Error: Unable to interpret <O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)> in the current context!

    Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)> in the current context!

    Error: Unable to interpret <O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)> in the current context!

    Error: Unable to interpret < > in the current context!

    Error: Unable to interpret < > in the current context!

    ========== COMMANDS ==========

     

    [EMPTYJAVA]

     

    User: All Users

     

    User: Default

     

    User: Default User

     

    User: Public

     

    User: sunnyjones

    ->Java cache emptied: 0 bytes

     

    Total Java Files Cleaned = 0.00 mb

     

     

    [EMPTYFLASH]

     

    User: All Users

     

    User: Default

     

    User: Default User

     

    User: Public

     

    User: sunnyjones

    ->Flash cache emptied: 20196 bytes

     

    Total Flash Files Cleaned = 0.00 mb

     

     

    [EMPTYTEMP]

     

    User: All Users

     

    User: Default

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 0 bytes

     

    User: Default User

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 0 bytes

     

    User: Public

     

    User: sunnyjones

    ->Temp folder emptied: 110833799 bytes

    ->Temporary Internet Files folder emptied: 18796680 bytes

    ->Java cache emptied: 0 bytes

    ->FireFox cache emptied: 323280738 bytes

    ->Google Chrome cache emptied: 300449546 bytes

    ->Flash cache emptied: 0 bytes

     

    %systemdrive% .tmp files removed: 0 bytes

    %systemroot% .tmp files removed: 0 bytes

    %systemroot%\System32 .tmp files removed: 0 bytes

    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes

    %systemroot%\System32\drivers .tmp files removed: 0 bytes

    Windows Temp folder emptied: 167587665 bytes

    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42304214 bytes

    %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes

    RecycleBin emptied: 16990 bytes

     

    Total Files Cleaned = 919.00 mb

     

    C:\Windows\System32\drivers\etc\Hosts moved successfully.

    HOSTS file reset successfully

    Restore point Set: OTL Restore Point

     

    OTL by OldTimer - Version 3.2.69.0 log created on 08172013_142225

     

    Files\Folders moved on Reboot...

    File move failed. C:\Users\sunnyjones\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.

    File move failed. C:\Users\sunnyjones\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

    C:\Users\sunnyjones\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.

    C:\Users\sunnyjones\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.

    C:\Users\sunnyjones\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.

    C:\Users\sunnyjones\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.

    C:\Users\sunnyjones\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.

    File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

    File\Folder C:\Windows\temp\TMP0000000DCF9C169B0E93F277 not found!

     

    PendingFileRenameOperations files...

     

    Registry entries deleted on Reboot...

  2. KScanner 2.3 - Additional Security Risks - These are not necessarily bad

    c:\program files (x86)\hp games\farm frenzy\wtmui_es\data\sounds\bear_crack_cat.ogg

    c:\program files (x86)\hp games\farm frenzy\wtmui_es\data\sounds\bear_crack_cow.ogg

    c:\program files (x86)\hp games\farm frenzy\wtmui_es\data\sounds\bear_crack_goose.ogg

    c:\program files (x86)\hp games\farm frenzy\wtmui_es\data\sounds\bear_crack_product.ogg

    c:\program files (x86)\hp games\farm frenzy\wtmui_es\data\sounds\bear_crack_sheep.ogg

    c:\program files (x86)\hp games\farm frenzy\wtmui_it\data\sounds\bear_crack_cat.ogg

    c:\program files (x86)\hp games\farm frenzy\wtmui_it\data\sounds\bear_crack_cow.ogg

    c:\program files (x86)\hp games\farm frenzy\wtmui_it\data\sounds\bear_crack_goose.ogg

    c:\program files (x86)\hp games\farm frenzy\wtmui_it\data\sounds\bear_crack_product.ogg

    c:\program files (x86)\hp games\farm frenzy\wtmui_it\data\sounds\bear_crack_sheep.ogg

    c:\program files (x86)\wildgames\nightfall mysteries asylum conspiracy\swfs\windows\wallcrack.swf

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\ce\deletedscene\splashdowncargoho\layouts\object_ls_nutscrackers.jpg.bin

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\ce\deletedscene\splashdowncargoho\layouts\int_ls_nutscrackers\hot_spot.raw

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\game\chapter_01\cockpit\layouts\main\obj_glasscrack\object.txt

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\game\chapter_01\cockpit\layouts\main\obj_glasscrack2\object.txt

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\game\chapter_01\cockpit\sfx\windshield_crack_1.ogg

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\game\chapter_01\cockpit\sfx\windshield_crack_2.ogg

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\game\chapter_01\cockpit\sfx\windshield_crack_3.ogg

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\game\chapter_01\cockpit\sfx\windshield_crack_4.ogg

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\game\chapter_03\compass_cu\layouts\crackmist.jpg.bin

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\game\chapter_05\bedroom_tableho\layouts\glass_crack.jpg.bin

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\game\chapter_05\bedroom_tableho\layouts\obj_mirror\crack1.anm

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\game\chapter_05\bedroom_tableho\layouts\obj_mirror\crack2.anm

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\game\chapter_05\bedroom_tableho\sfx\mirror_cracked.ogg

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\game\chapter_06\library_hatch\layouts\crack1.jpg.bin

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\game\chapter_06\library_hatch\layouts\crack2.jpg.bin

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\game\chapter_06\library_hatch\layouts\crack3.jpg.bin

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\game\chapter_06\library_hatch\layouts\crack4.jpg.bin

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\game\chapter_06\library_hatch\sfx\ice_crack_trim.ogg

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\game\chapter_07\researchers_table\layout\obj_radio\crack.anm

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\game\chapter_07\researchers_table\layout\obj_radio\crack2.anm

    c:\program files (x86)\wildtangent games\games\hauntingmysteriestheislandoflostsoulspremiumedition\data\game\chapter_07\researchers_table\sfx\mirror_cracked.ogg

    c:\program files (x86)\wildtangent games\games\weirdparkscarytales\video\nutcracker\explosion_bez_sabli.ogv

    c:\program files (x86)\wildtangent games\games\weirdparkscarytales\video\nutcracker\explosion_bez_sabli_mask.ogv

    c:\program files (x86)\wildtangent games\games\weirdparkscarytales\video\nutcracker\explosion_sablya.ogv

    c:\program files (x86)\wildtangent games\games\weirdparkscarytales\video\nutcracker\explosion_sablya_mask.ogv

    c:\program files (x86)\wildtangent games\games\weirdparkscarytales\video\nutcracker\fight.ogv

    c:\program files (x86)\wildtangent games\games\weirdparkscarytales\video\nutcracker\fight_mask.ogv

    c:\program files (x86)\wildtangent games\games\weirdparkscarytales\video\nutcracker\snowman_blows.ogv

    c:\program files (x86)\wildtangent games\games\weirdparkscarytales\video\nutcracker\snowman_blows_mask.ogv

    c:\program files (x86)\wildtangent games\games\weirdparkscarytales\video\nutcracker\snowman_sani.ogv

    c:\program files (x86)\wildtangent games\games\weirdparkscarytales\video\nutcracker\snowman_sani_mask.ogv

    c:\program files (x86)\wildtangent games\games\weirdparkscarytales\video\nutcracker\sova_maska.ogv

    c:\program files (x86)\wildtangent games\games\weirdparkscarytales\video\nutcracker\sova_maska_mask.ogv

    c:\program files (x86)\wildtangent games\games\weirdparkscarytales\video\nutcracker\sova_unfreeze.ogv

    c:\program files (x86)\wildtangent games\games\weirdparkscarytales\video\nutcracker\sova_unfreeze_mask.ogv

    c:\program files (x86)\wildtangent games\games\weirdparkscarytales\video\nutcracker\zatvorki.ogv

    c:\program files (x86)\wildtangent games\games\weirdparkscarytales\video\nutcracker\zatvorki_mask.ogv

    scanner sequence 3.ZZ.11.DAAPQI

     ----- EOF ----- 

  3. Malwarebytes Anti-Malware 1.75.0.1300

    www.malwarebytes.org

     

    Database version: v2013.08.16.07

     

    Windows 7 Service Pack 1 x64 NTFS

    Internet Explorer 10.0.9200.16660

    sunnyjones :: SUNNYJONES-HP [administrator]

     

    8/17/2013 1:55:39 PM

    mbam-log-2013-08-17 (13-55-39).txt

     

    Scan type: Quick scan

    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

    Scan options disabled: P2P

    Objects scanned: 218406

    Time elapsed: 11 minute(s), 38 second(s)

     

    Memory Processes Detected: 0

    (No malicious items detected)

     

    Memory Modules Detected: 0

    (No malicious items detected)

     

    Registry Keys Detected: 0

    (No malicious items detected)

     

    Registry Values Detected: 0

    (No malicious items detected)

     

    Registry Data Items Detected: 0

    (No malicious items detected)

     

    Folders Detected: 0

    (No malicious items detected)

     

    Files Detected: 15

    C:\Users\sunnyjones\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

    C:\Users\sunnyjones\AppData\Local\Temp\ToolbarHelper.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

    C:\Users\sunnyjones\AppData\Local\Temp\DM\Player_Setup.exe\a896107152fe41c096cc6b72a98f0d89\installer.exe (PUP.Optional.MSILLauncher) -> Quarantined and deleted successfully.

    C:\Users\sunnyjones\AppData\Local\Temp\DM\Player_Setup.exe\a896107152fe41c096cc6b72a98f0d89\setup__120.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

    C:\Users\sunnyjones\Downloads\Player_Setup.exe (PUP.Optional.MSILLauncher) -> Quarantined and deleted successfully.

    C:\Users\sunnyjones\Downloads\Produtools_Forms_B2 (1).exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

    C:\Users\sunnyjones\Downloads\Produtools_Forms_B2.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

    C:\Users\sunnyjones\Downloads\rcpsetup_ad_gen_ad_lp2_us (1).exe (PUP.Optional.RegCleanerPro) -> Quarantined and deleted successfully.

    C:\Users\sunnyjones\Downloads\rcpsetup_ad_gen_ad_lp2_us.exe (PUP.Optional.RegCleanerPro) -> Quarantined and deleted successfully.

    C:\Users\sunnyjones\Downloads\rcpsetup_latest.exe (PUP.Optional.RegCleanerPro) -> Quarantined and deleted successfully.

    C:\Users\sunnyjones\Local Settings\Temporary Internet Files\Content.IE5\36HFG34Y\stublogic[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

    C:\Users\sunnyjones\Local Settings\Temporary Internet Files\Content.IE5\N5KMD5Z0\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

    C:\Users\sunnyjones\Local Settings\Temporary Internet Files\Content.IE5\N5KMD5Z0\Vafmusic2[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

    C:\Users\sunnyjones\Local Settings\Temporary Internet Files\Content.IE5\N5KMD5Z0\Vafmusic2_wpf[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

    C:\Users\sunnyjones\Local Settings\Temporary Internet Files\Content.IE5\TZCZKYVI\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

     

    (end)
  4. OK, this is all of it!! The Shockwave player: when I am playing a game on Facebook, it pops up at the top of the screen in yellow, has a sad face, and says a plug-in (Shockwave Player) has crashed or is not responding. Then a little box will pop up and say whatever game I am playing has become unresponsive, want to wait or kill page. It drives me crazy!!

  5. OTL logfile created on: 8/16/2013 10:34:27 PM - Run 1

    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\sunnyjones\Downloads

    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

    Internet Explorer (Version = 9.10.9200.16660)

    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

     

    1.60 Gb Total Physical Memory | 0.33 Gb Available Physical Memory | 20.56% Memory free

    3.21 Gb Paging File | 1.44 Gb Available in Paging File | 44.84% Paging File free

    Paging file location(s): ?:\pagefile.sys [binary data]

     

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

    Drive C: | 218.92 Gb Total Space | 132.30 Gb Free Space | 60.43% Space Free | Partition Type: NTFS

    Drive D: | 13.67 Gb Total Space | 1.70 Gb Free Space | 12.46% Space Free | Partition Type: NTFS

    Drive E: | 551.34 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

    Drive G: | 99.18 Mb Total Space | 89.03 Mb Free Space | 89.77% Space Free | Partition Type: FAT32

     

    Computer Name: SUNNYJONES-HP | User Name: sunnyjones | Logged in as Administrator.

    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

     

    ========== Processes (SafeList) ==========

     

    PRC - [2013/08/16 22:32:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\sunnyjones\Downloads\OTL.com

    PRC - [2013/07/12 22:40:31 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Users\sunnyjones\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe

    PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    PRC - [2013/05/09 02:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe

    PRC - [2013/05/09 02:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

    PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    PRC - [2012/11/05 02:50:12 | 000,377,800 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe

    PRC - [2012/09/28 15:42:08 | 000,298,376 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe

    PRC - [2012/09/28 15:19:16 | 007,392,648 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

    PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

    PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

    PRC - [2011/08/19 15:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

    PRC - [2011/07/11 15:04:44 | 000,574,008 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

    PRC - [2011/07/11 15:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

    PRC - [2011/07/06 20:13:48 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

    PRC - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

    PRC - [2010/11/26 08:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

     

     

    ========== Modules (No Company Name) ==========

     

    MOD - [2012/11/05 02:50:12 | 000,377,800 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe

    MOD - [2012/08/06 03:54:24 | 009,843,640 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll

    MOD - [2010/11/11 03:24:31 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll

    MOD - [2010/07/13 07:07:23 | 007,826,432 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll

    MOD - [2010/07/05 03:19:39 | 000,116,736 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll

    MOD - [2010/06/23 19:16:19 | 002,150,400 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll

    MOD - [2010/06/01 23:05:40 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll

    MOD - [2010/06/01 20:56:04 | 000,232,960 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll

    MOD - [2010/06/01 20:54:24 | 002,530,816 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll

    MOD - [2010/06/01 20:29:22 | 000,934,912 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll

    MOD - [2010/06/01 20:28:00 | 000,335,360 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll

     

     

    ========== Services (SafeList) ==========

     

    SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

    SRV:64bit: - [2013/05/09 02:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

    SRV:64bit: - [2011/03/04 13:50:26 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

    SRV:64bit: - [2011/03/04 13:44:40 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)

    SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

    SRV:64bit: - [2010/08/05 20:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)

    SRV:64bit: - [2010/07/21 15:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)

    SRV:64bit: - [2010/06/17 07:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)

    SRV:64bit: - [2009/11/17 20:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)

    SRV - [2013/05/27 20:47:09 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

    SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

    SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

    SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

    SRV - [2012/09/28 15:19:16 | 007,392,648 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)

    SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

    SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

    SRV - [2011/07/11 15:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)

    SRV - [2011/03/01 22:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)

    SRV - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)

    SRV - [2010/11/26 08:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)

    SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)

    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

    SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

     

     

    ========== Driver Services (SafeList) ==========

     

    DRV:64bit: - [2013/08/14 14:42:29 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)

    DRV:64bit: - [2013/08/14 14:42:29 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)

    DRV:64bit: - [2013/08/14 14:42:29 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)

    DRV:64bit: - [2013/05/09 02:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)

    DRV:64bit: - [2013/05/09 02:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)

    DRV:64bit: - [2013/05/09 02:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)

    DRV:64bit: - [2013/05/09 02:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

    DRV:64bit: - [2013/05/09 02:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)

    DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

    DRV:64bit: - [2013/02/25 00:21:32 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)

    DRV:64bit: - [2012/12/06 04:30:08 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

    DRV:64bit: - [2012/12/06 04:30:03 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

    DRV:64bit: - [2012/12/06 04:29:59 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

    DRV:64bit: - [2012/09/28 15:14:58 | 000,040,320 | ---- | M] (Belcarra Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btblan.sys -- (Leapfrog-USBLAN)

    DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

    DRV:64bit: - [2011/12/05 17:33:38 | 001,145,448 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)

    DRV:64bit: - [2011/10/15 18:00:08 | 001,451,056 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

    DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

    DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

    DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

    DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

    DRV:64bit: - [2011/08/01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)

    DRV:64bit: - [2011/08/01 16:59:06 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)

    DRV:64bit: - [2011/05/18 09:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)

    DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

    DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

    DRV:64bit: - [2011/03/05 01:16:20 | 000,436,840 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

    DRV:64bit: - [2011/03/04 16:01:18 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

    DRV:64bit: - [2011/03/04 13:16:48 | 000,295,424 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

    DRV:64bit: - [2011/02/15 13:37:10 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)

    DRV:64bit: - [2010/11/29 06:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)

    DRV:64bit: - [2010/11/20 21:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

    DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

    DRV:64bit: - [2010/11/11 20:16:00 | 000,037,504 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)

    DRV:64bit: - [2010/11/11 20:15:58 | 000,077,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)

    DRV:64bit: - [2010/07/28 09:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)

    DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)

    DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

    DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

    DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

    DRV:64bit: - [2009/06/10 15:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)

    DRV:64bit: - [2009/06/10 15:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)

    DRV:64bit: - [2009/06/10 15:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)

    DRV:64bit: - [2009/06/10 14:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)

    DRV:64bit: - [2009/06/10 14:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)

    DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

    DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

    DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

    DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

    DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

     

     

    ========== Standard Registry (SafeList) ==========

     

     

    ========== Internet Explorer ==========

     

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 

    IE - HKLM\..\SearchScopes,DefaultScope = 

     

     

    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 

    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

     

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

     

    IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 

     

    IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 

     

    IE - HKU\S-1-5-21-3993016273-2347322539-148929479-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=EIE9HP&PC=UP50

    IE - HKU\S-1-5-21-3993016273-2347322539-148929479-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

    IE - HKU\S-1-5-21-3993016273-2347322539-148929479-1002\..\SearchScopes,DefaultScope = 

    IE - HKU\S-1-5-21-3993016273-2347322539-148929479-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

     

    ========== FireFox ==========

     

    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0

    FF - user.js - File not found

     

    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()

    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\sunnyjones\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\sunnyjones\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

    FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\sunnyjones\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

     

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/08/14 10:20:30 | 000,000,000 | ---D | M]

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

     

    [2013/04/22 19:55:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sunnyjones\AppData\Roaming\Mozilla\Extensions

    [2013/08/16 21:07:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sunnyjones\AppData\Roaming\Mozilla\Firefox\Profiles\74v95my7.default\extensions

    [2013/05/27 20:47:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

    [2013/05/27 20:47:15 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

     

    ========== Chrome  ==========

     

    CHR - default_search_provider: Google (Enabled)

    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}

    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\sunnyjones\AppData\Local\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll

    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

    CHR - plugin: Native Client (Enabled) = C:\Users\sunnyjones\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll

    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\sunnyjones\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll

    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

    CHR - plugin: Coupons Inc., Coupon Printer Manager  (Enabled) = C:\Users\sunnyjones\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll

    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

    CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll

    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    CHR - plugin: Unity Player (Enabled) = C:\Users\sunnyjones\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

    CHR - plugin: Google Update (Enabled) = C:\Users\sunnyjones\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll

    CHR - plugin: Java Deployment Toolkit 7.0.150.3 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll

    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll

     

    O1 HOSTS File: ([2013/04/22 19:36:43 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts

    O1 - Hosts: 127.0.0.1       localhost

    O1 - Hosts: ::1       localhost

    O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

    O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

    O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

    O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

    O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()

    O4:64bit: - HKLM..\Run: [intelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)

    O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)

    O4 - HKLM..\Run: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe ()

    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

    O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)

    O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)

    O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)

    O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

    O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

    O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

    O4 - HKU\.DEFAULT..\RunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" File not found

    O4 - HKU\S-1-5-18..\RunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" File not found

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

    O1364bit: - gopher Prefix: missing

    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Reg Error: Key error.)

    O16 - DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Reg Error: Key error.)

    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Reg Error: Key error.)

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8445F7AB-EF8C-4619-B882-39F55811BDD9}: DhcpNameServer = 192.168.1.1

    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

    O32 - HKLM CDRom: AutoRun - 1

    O32 - AutoRun File - [2011/02/10 19:02:00 | 000,000,016 | R--- | M] () - E:\AUTOPLAY.BAT -- [ UDF ]

    O32 - AutoRun File - [2011/02/10 19:02:00 | 000,000,055 | R--- | M] () - E:\AUTORUN.INF -- [ UDF ]

    O33 - MountPoints2\{ad6f8475-f14f-11e0-9c1f-806e6f6e6963}\Shell - "" = AutoRun

    O33 - MountPoints2\{ad6f8475-f14f-11e0-9c1f-806e6f6e6963}\Shell\AutoRun\command - "" = E:\PopCDRun.exe -- [2011/02/10 19:00:44 | 000,300,376 | R--- | M] ()

    O34 - HKLM BootExecute: (/sync /restart)

    O34 - HKLM BootExecute: (/sync /restart)

    O34 - HKLM BootExecute: (/sync /restart)

    O34 - HKLM BootExecute: (/sync /restart)

    O34 - HKLM BootExecute: (/sync /restart)

    O35:64bit: - HKLM\..comfile [open] -- "%1" %*

    O35:64bit: - HKLM\..exefile [open] -- "%1" %*

    O35 - HKLM\..comfile [open] -- "%1" %*

    O35 - HKLM\..exefile [open] -- "%1" %*

    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

    O37 - HKLM\...com [@ = comfile] -- "%1" %*

    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

     

    ========== Files/Folders - Created Within 30 Days ==========

     

    [2013/08/16 22:06:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

    [2013/08/16 22:06:55 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

    [2013/08/16 22:06:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

    [2013/08/16 14:43:44 | 000,000,000 | ---D | C] -- C:\Users\sunnyjones\AppData\Local\ Online Backup

    [2013/08/16 14:38:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MSSoap

    [2013/08/14 03:51:17 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

    [2013/08/14 03:51:16 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

    [2013/08/14 03:51:09 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

    [2013/08/14 03:51:07 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

    [2013/08/14 03:51:07 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

    [2013/08/14 03:51:05 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

    [2013/08/14 03:51:05 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

    [2013/08/14 03:51:03 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

    [2013/08/14 03:51:02 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

    [2013/08/14 03:51:01 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe

    [2013/08/14 03:51:00 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

    [2013/08/14 03:50:37 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

    [2013/08/14 03:50:35 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

    [2013/08/14 03:50:34 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

    [2013/08/14 03:50:30 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

    [2013/08/14 03:08:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT

    [2013/08/13 17:24:39 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL

    [2013/08/13 17:24:37 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL

    [2013/08/13 17:23:41 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll

    [2013/08/13 17:23:40 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll

    [2013/08/13 17:23:38 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll

    [2013/08/13 17:23:15 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll

    [2013/08/13 17:23:04 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

    [2013/08/13 17:22:59 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

    [2013/08/13 17:22:58 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

    [2013/08/13 17:22:56 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll

    [2013/08/13 17:22:54 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll

    [2013/08/13 17:22:52 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll

    [2013/08/13 17:22:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll

    [2013/08/13 17:22:42 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe

    [2013/08/13 17:22:42 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe

    [2013/08/13 17:22:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe

    [2013/08/12 03:07:34 | 000,000,000 | ---D | C] -- C:\Users\sunnyjones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

     

    ========== Files - Modified Within 30 Days ==========

     

    [2013/08/16 22:46:01 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3993016273-2347322539-148929479-1002Core.job

    [2013/08/16 22:46:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3993016273-2347322539-148929479-1002UA.job

    [2013/08/16 22:36:23 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

    [2013/08/16 22:36:23 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

    [2013/08/16 22:26:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

    [2013/08/16 22:26:34 | 1292,034,048 | -HS- | M] () -- C:\hiberfil.sys

    [2013/08/16 22:07:00 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

    [2013/08/16 21:08:07 | 000,000,423 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat

    [2013/08/14 14:42:29 | 001,030,952 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys

    [2013/08/14 14:42:29 | 000,378,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys

    [2013/08/14 14:42:29 | 000,189,936 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys

    [2013/08/14 14:42:29 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum

    [2013/08/14 14:42:29 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum

    [2013/08/14 14:42:29 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum

    [2013/08/14 10:21:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt

    [2013/08/14 03:29:17 | 000,738,562 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

    [2013/08/14 03:29:17 | 000,623,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

    [2013/08/14 03:29:17 | 000,105,956 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

    [2013/08/13 15:37:09 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForsunnyjones.job

    [2013/08/12 03:07:34 | 000,002,396 | ---- | M] () -- C:\Users\sunnyjones\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

    [2013/08/12 03:07:33 | 000,002,394 | ---- | M] () -- C:\Users\sunnyjones\Desktop\Google Chrome.lnk

    [2013/08/06 19:00:09 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForSUNNYJONES-HP$.job

    [2013/07/25 23:13:58 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

    [2013/07/25 23:12:27 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

    [2013/07/25 23:12:08 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

    [2013/07/25 23:12:08 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

    [2013/07/25 23:12:04 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

    [2013/07/25 23:12:04 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

    [2013/07/25 23:12:03 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

    [2013/07/25 23:12:03 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

    [2013/07/25 21:12:04 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

    [2013/07/25 21:12:00 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

    [2013/07/25 21:12:00 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

    [2013/07/25 21:12:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

    [2013/07/25 21:11:59 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

    [2013/07/25 20:39:38 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe

    [2013/07/25 19:59:38 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

    [2013/07/25 03:25:54 | 001,888,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL

    [2013/07/25 02:57:27 | 001,620,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL

     

    ========== Files Created - No Company Name ==========

     

    [2013/08/16 22:07:00 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

    [2013/08/14 14:42:29 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum

    [2013/08/14 14:42:29 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum

    [2013/08/14 14:42:29 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum

    [2013/08/12 03:07:33 | 000,002,396 | ---- | C] () -- C:\Users\sunnyjones\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

    [2013/08/12 03:07:32 | 000,002,394 | ---- | C] () -- C:\Users\sunnyjones\Desktop\Google Chrome.lnk

    [2012/12/27 12:30:58 | 000,000,580 | ---- | C] () -- C:\Users\sunnyjones\AppData\Local\cookies.ini

    [2011/11/07 12:58:33 | 000,774,388 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

    [2011/10/15 18:00:52 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll

     

    ========== ZeroAccess Check ==========

     

    [2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

     

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

     

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

     

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

     

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

     

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    "" = C:\Windows\SysNative\shell32.dll -- [2013/02/26 23:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Apartment

     

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    "" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 22:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Apartment

     

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Free

     

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Free

     

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Both

     

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

     

    ========== Purity Check ==========

     

     

     

    ========== Alternate Data Streams ==========

     

    @Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1

     

    < End of report >

  6. And this is the one after I clicked remove selected

     

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org
     
    Database version: v2013.08.16.07
     
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16660
    sunnyjones :: SUNNYJONES-HP [administrator]
     
    8/16/2013 10:08:50 PM
    mbam-log-2013-08-16 (22-08-50).txt
     
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 218266
    Time elapsed: 12 minute(s), 21 second(s)
     
    Memory Processes Detected: 0
    (No malicious items detected)
     
    Memory Modules Detected: 0
    (No malicious items detected)
     
    Registry Keys Detected: 0
    (No malicious items detected)
     
    Registry Values Detected: 0
    (No malicious items detected)
     
    Registry Data Items Detected: 0
    (No malicious items detected)
     
    Folders Detected: 0
    (No malicious items detected)
     
    Files Detected: 16
    C:\Users\sunnyjones\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> No action taken.
    C:\Users\sunnyjones\AppData\Local\Temp\ToolbarHelper.exe (PUP.Optional.Conduit.A) -> No action taken.
    C:\Users\sunnyjones\AppData\Local\Temp\DM\Player_Setup.exe\a896107152fe41c096cc6b72a98f0d89\installer.exe (PUP.Optional.MSILLauncher) -> No action taken.
    C:\Users\sunnyjones\AppData\Local\Temp\DM\Player_Setup.exe\a896107152fe41c096cc6b72a98f0d89\setup__120.exe (PUP.Optional.Amonetize.A) -> No action taken.
    C:\Users\sunnyjones\Downloads\Player_Setup.exe (PUP.Optional.MSILLauncher) -> No action taken.
    C:\Users\sunnyjones\Downloads\Produtools_Forms_B2 (1).exe (PUP.Optional.Conduit.A) -> No action taken.
    C:\Users\sunnyjones\Downloads\Produtools_Forms_B2.exe (PUP.Optional.Conduit.A) -> No action taken.
    C:\Users\sunnyjones\Downloads\rcpsetup_ad_gen_ad_lp2_us (1).exe (PUP.Optional.RegCleanerPro) -> No action taken.
    C:\Users\sunnyjones\Downloads\rcpsetup_ad_gen_ad_lp2_us.exe (PUP.Optional.RegCleanerPro) -> No action taken.
    C:\Users\sunnyjones\Downloads\rcpsetup_latest.exe (PUP.Optional.RegCleanerPro) -> No action taken.
    C:\Users\sunnyjones\Local Settings\Temporary Internet Files\Content.IE5\36HFG34Y\stublogic[1].exe (PUP.Optional.Conduit.A) -> No action taken.
    C:\Users\sunnyjones\Local Settings\Temporary Internet Files\Content.IE5\N5KMD5Z0\checktbexist[1].exe (PUP.Optional.Conduit.A) -> No action taken.
    C:\Users\sunnyjones\Local Settings\Temporary Internet Files\Content.IE5\N5KMD5Z0\Vafmusic2[1].exe (PUP.Optional.Conduit.A) -> No action taken.
    C:\Users\sunnyjones\Local Settings\Temporary Internet Files\Content.IE5\N5KMD5Z0\Vafmusic2_wpf[1].exe (PUP.Optional.Conduit.A) -> No action taken.
    C:\Users\sunnyjones\Local Settings\Temporary Internet Files\Content.IE5\TZCZKYVI\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> No action taken.
    C:\Users\sunnyjones\Downloads\FlashPlayer_V.39166259c.exe (Adware.DomaIQ) -> Quarantined and deleted successfully.
     
    (end)
  7. OK, this is the one before I clicked remove selected

     

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org
     
    Database version: v2013.08.16.07
     
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16660
    sunnyjones :: SUNNYJONES-HP [administrator]
     
    8/16/2013 10:08:50 PM
    MBAM-log-2013-08-16 (22-21-40).txt
     
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 218266
    Time elapsed: 12 minute(s), 21 second(s)
     
    Memory Processes Detected: 0
    (No malicious items detected)
     
    Memory Modules Detected: 0
    (No malicious items detected)
     
    Registry Keys Detected: 0
    (No malicious items detected)
     
    Registry Values Detected: 0
    (No malicious items detected)
     
    Registry Data Items Detected: 0
    (No malicious items detected)
     
    Folders Detected: 0
    (No malicious items detected)
     
    Files Detected: 16
    C:\Users\sunnyjones\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> No action taken.
    C:\Users\sunnyjones\AppData\Local\Temp\ToolbarHelper.exe (PUP.Optional.Conduit.A) -> No action taken.
    C:\Users\sunnyjones\AppData\Local\Temp\DM\Player_Setup.exe\a896107152fe41c096cc6b72a98f0d89\installer.exe (PUP.Optional.MSILLauncher) -> No action taken.
    C:\Users\sunnyjones\AppData\Local\Temp\DM\Player_Setup.exe\a896107152fe41c096cc6b72a98f0d89\setup__120.exe (PUP.Optional.Amonetize.A) -> No action taken.
    C:\Users\sunnyjones\Downloads\FlashPlayer_V.39166259c.exe (Adware.DomaIQ) -> No action taken.
    C:\Users\sunnyjones\Downloads\Player_Setup.exe (PUP.Optional.MSILLauncher) -> No action taken.
    C:\Users\sunnyjones\Downloads\Produtools_Forms_B2 (1).exe (PUP.Optional.Conduit.A) -> No action taken.
    C:\Users\sunnyjones\Downloads\Produtools_Forms_B2.exe (PUP.Optional.Conduit.A) -> No action taken.
    C:\Users\sunnyjones\Downloads\rcpsetup_ad_gen_ad_lp2_us (1).exe (PUP.Optional.RegCleanerPro) -> No action taken.
    C:\Users\sunnyjones\Downloads\rcpsetup_ad_gen_ad_lp2_us.exe (PUP.Optional.RegCleanerPro) -> No action taken.
    C:\Users\sunnyjones\Downloads\rcpsetup_latest.exe (PUP.Optional.RegCleanerPro) -> No action taken.
    C:\Users\sunnyjones\Local Settings\Temporary Internet Files\Content.IE5\36HFG34Y\stublogic[1].exe (PUP.Optional.Conduit.A) -> No action taken.
    C:\Users\sunnyjones\Local Settings\Temporary Internet Files\Content.IE5\N5KMD5Z0\checktbexist[1].exe (PUP.Optional.Conduit.A) -> No action taken.
    C:\Users\sunnyjones\Local Settings\Temporary Internet Files\Content.IE5\N5KMD5Z0\Vafmusic2[1].exe (PUP.Optional.Conduit.A) -> No action taken.
    C:\Users\sunnyjones\Local Settings\Temporary Internet Files\Content.IE5\N5KMD5Z0\Vafmusic2_wpf[1].exe (PUP.Optional.Conduit.A) -> No action taken.
    C:\Users\sunnyjones\Local Settings\Temporary Internet Files\Content.IE5\TZCZKYVI\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> No action taken.
     
    (end)
  8. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Junkware Removal Tool (JRT) by Thisisu

    Version: 5.4.6 (08.15.2013:1)

    OS: Windows 7 Home Premium x64

    Ran by sunnyjones on Fri 08/16/2013 at 21:25:26.17

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     

     

     

     

    ~~~ Services

     

     

     

    ~~~ Registry Values

     

    Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ConduitFloatingPlugin_cbjibcbpmbcabnfnohhgjjmkgkimajko

     

     

     

    ~~~ Registry Keys

     

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\distromatic

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\systweakasp_rasapi32

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\systweakasp_rasmancs

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111991162}

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASAPI32

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASMANCS

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby-20120809_RASAPI32

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby-20120809_RASMANCS

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby_RASAPI32

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby_RASMANCS

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162}

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASAPI32

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASMANCS

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby-20120809_RASAPI32

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby-20120809_RASMANCS

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby_RASAPI32

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby_RASMANCS

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{55282493-952C-4CD9-91B1-14053F3CB04B}

     

     

     

    ~~~ Files

     

     

     

    ~~~ Folders

     

    Successfully deleted: [Folder] "C:\Users\sunnyjones\AppData\Roaming\strongvault online backup"

    Successfully deleted: [Folder] "C:\Users\sunnyjones\appdata\local\cre"

    Successfully deleted: [Folder] "C:\Users\sunnyjones\appdata\local\strongvault online backup"

    Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"

    Successfully deleted: [Folder] "C:\ai_recyclebin"

    Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

     

     

     

    ~~~ FireFox

     

    Emptied folder: C:\Users\sunnyjones\AppData\Roaming\mozilla\firefox\profiles\74v95my7.default\minidumps [2 files]

     

     

     

    ~~~ Event Viewer Logs were cleared

     

     

     

     

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Scan was completed on Fri 08/16/2013 at 21:55:00.52

    End of JRT log

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  9. OK, this is what it said. I think I am doing it right.

     

    # AdwCleaner v2.306 - Logfile created 08/16/2013 at 21:05:59
    # Updated 19/07/2013 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
    # User : sunnyjones - SUNNYJONES-HP
    # Boot Mode : Normal
    # Running from : C:\Users\sunnyjones\Downloads\adwcleaner (1).exe
    # Option [Delete]
     
     
    ***** [services] *****
     
    Stopped & Deleted : CltMngSvc
    Stopped & Deleted : vToolbarUpdater14.2.0
     
    ***** [Files / Folders] *****
     
    Deleted on reboot : C:\Users\sunnyjones\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko
    Deleted on reboot : C:\Users\sunnyjones\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdipjefcbnbcjgpgbgmpmcmgbmpjpjae
    File Deleted : C:\END
    File Deleted : C:\Users\sunnyjones\AppData\Roaming\Mozilla\Firefox\Profiles\74v95my7.default\searchplugins\Conduit.xml
    Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
    Folder Deleted : C:\Program Files (x86)\Conduit
    Folder Deleted : C:\Program Files (x86)\SearchProtect
    Folder Deleted : C:\Users\SUNNYJ~1\AppData\Local\Temp\CT3294791
    Folder Deleted : C:\Users\sunnyjones\AppData\Local\Conduit
    Folder Deleted : C:\Users\sunnyjones\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko
    Folder Deleted : C:\Users\sunnyjones\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdipjefcbnbcjgpgbgmpmcmgbmpjpjae
    Folder Deleted : C:\Users\sunnyjones\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\sunnyjones\AppData\Roaming\Mozilla\Firefox\Profiles\74v95my7.default\CT3294791
    Folder Deleted : C:\Users\sunnyjones\AppData\Roaming\Mozilla\Firefox\Profiles\74v95my7.default\extensions\{7f3f960e-a836-45ca-8911-0accb522246e}
    Folder Deleted : C:\Users\sunnyjones\AppData\Roaming\SearchProtect
     
    ***** [Registry] *****
     
    Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
    Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\Google\Chrome\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko
    Key Deleted : HKCU\Software\Google\Chrome\Extensions\cdipjefcbnbcjgpgbgmpmcmgbmpjpjae
    Key Deleted : HKCU\Software\SearchProtect
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3294791
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\SearchProtect
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cdipjefcbnbcjgpgbgmpmcmgbmpjpjae
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110111991162}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
    Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchprotect]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [searchProtectAll]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
     
    ***** [internet Browsers] *****
     
    -\\ Internet Explorer v10.0.9200.16660
     
     
    -\\ Mozilla Firefox v21.0 (en-US)
     
    File : C:\Users\sunnyjones\AppData\Roaming\Mozilla\Firefox\Profiles\74v95my7.default\prefs.js
     
    Deleted : user_pref("CT3294791.FF19Solved", "true");
    Deleted : user_pref("CT3294791.UserID", "UN55590510949463059");
    Deleted : user_pref("CT3294791.addressUrlXPETakeover", "true");
    Deleted : user_pref("CT3294791.autoDisableScopes", -1);
    Deleted : user_pref("CT3294791.browser.search.defaultthis.engineName", "true");
    Deleted : user_pref("CT3294791.defaultSearchXPETakeover", "true");
    Deleted : user_pref("CT3294791.fullUserID", "UN55590510949463059.IN.20130816143152");
    Deleted : user_pref("CT3294791.installDate", "16/08/2013 14:31:51");
    Deleted : user_pref("CT3294791.installSessionId", "{E6FD7B31-D126-4CC5-8D51-A3B30E0C3E32}");
    Deleted : user_pref("CT3294791.installSp", "TRUE");
    Deleted : user_pref("CT3294791.installerVersion", "1.6.0.22");
    Deleted : user_pref("CT3294791.keyword", "true");
    Deleted : user_pref("CT3294791.originalHomepage", "about:home");
    Deleted : user_pref("CT3294791.originalSearchAddressUrl", "");
    Deleted : user_pref("CT3294791.originalSearchEngine", "");
    Deleted : user_pref("CT3294791.originalSearchEngineName", "");
    Deleted : user_pref("CT3294791.searchRevert", "false");
    Deleted : user_pref("CT3294791.searchUserMode", "2");
    Deleted : user_pref("CT3294791.smartbar.homepage", "true");
    Deleted : user_pref("CT3294791.startPageXPETakeover", "true");
    Deleted : user_pref("CT3294791.versionFromInstaller", "10.16.9.6");
    Deleted : user_pref("CT3294791.xpeMode", "3");
    Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
    Deleted : user_pref("browser.search.defaultenginename", "Vafmusic2 Customized Web Search");
    Deleted : user_pref("browser.search.defaultthis.engineName", "Vafmusic2 Customized Web Search");
    Deleted : user_pref("browser.search.selectedEngine", "Vafmusic2 Customized Web Search");
    Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3294791");
    Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3294791");
    Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3294791");
    Deleted : user_pref("smartbar.machineId", "Z/2SAIAJSYBZERS4XYAXOBE3L3GSR4GIH3YAK7HZV9ZMVWXXDIWQQKZZFJF/6DGRZJT[...]
     
    -\\ Google Chrome v28.0.1500.95
     
    File : C:\Users\sunnyjones\AppData\Local\Google\Chrome\User Data\Default\Preferences
     
     
    *************************
     
    AdwCleaner[R1].txt - [14820 octets] - [22/04/2013 20:09:01]
    AdwCleaner[s1].txt - [14745 octets] - [22/04/2013 20:15:10]
    AdwCleaner[s2].txt - [7370 octets] - [16/08/2013 21:05:59]
     
    ########## EOF - C:\AdwCleaner[s2].txt - [7430 octets] ##########
  10. Hi, AdwCleaner log!

    # AdwCleaner v2.202 - Logfile created 04/22/2013 at 20:15:10

    # Updated 23/04/2013 by Xplode

    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

    # User : sunnyjones - SUNNYJONES-HP

    # Boot Mode : Normal

    # Running from : C:\Users\sunnyjones\Downloads\adwcleaner.exe

    # Option [Delete]

    ***** [services] *****

    Stopped & Deleted : Yontoo Desktop Updater

    ***** [Files / Folders] *****

    Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search

    File Deleted : C:\Users\Public\Desktop\eBay.lnk

    Folder Deleted : C:\Program Files (x86)\AVG Secure Search

    Folder Deleted : C:\ProgramData\AVG Secure Search

    Folder Deleted : C:\Users\sunnyjones\AppData\Local\AVG Secure Search

    Folder Deleted : C:\Users\sunnyjones\AppData\LocalLow\AVG Secure Search

    ***** [Registry] *****

    Key Deleted : HKCU\Software\Alexa Internet

    Key Deleted : HKCU\Software\AVG Secure Search

    Key Deleted : HKCU\Software\InstallCore

    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

    Key Deleted : HKLM\Software\AVG Secure Search

    Key Deleted : HKLM\Software\AVG Security Toolbar

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}

    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}

    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}

    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}

    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

    Key Deleted : HKLM\Software\Supreme Savings

    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

    Key Deleted : HKLM\SOFTWARE\Tarma Installer

    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

    ***** [internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16476

    [OK] Registry is clean.

    -\\ Mozilla Firefox v20.0.1 (en-US)

    File : C:\Users\sunnyjones\AppData\Roaming\Mozilla\Firefox\Profiles\74v95my7.default\prefs.js

    [OK] File is clean.

    -\\ Google Chrome v26.0.1410.64

    File : C:\Users\sunnyjones\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Deleted [l.2818] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://search.babylon.com/?affID=11[...]

    *************************

    AdwCleaner[R1].txt - [14820 octets] - [22/04/2013 20:09:01]

    AdwCleaner[s1].txt - [14714 octets] - [22/04/2013 20:15:10]

    ########## EOF - C:\AdwCleaner[s1].txt - [14775 octets] ##########

  11. Hi, the AdwCleaner log:

    # AdwCleaner v2.202 - Logfile created 04/22/2013 at 20:09:01

    # Updated 23/04/2013 by Xplode

    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

    # User : sunnyjones - SUNNYJONES-HP

    # Boot Mode : Normal

    # Running from : C:\Users\sunnyjones\Downloads\adwcleaner.exe

    # Option [search]

    ***** [services] *****

    Found : Yontoo Desktop Updater

    ***** [Files / Folders] *****

    File Found : C:\Users\Public\Desktop\eBay.lnk

    Folder Found : C:\Program Files (x86)\AVG Secure Search

    Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search

    Folder Found : C:\ProgramData\AVG Secure Search

    Folder Found : C:\Users\sunnyjones\AppData\Local\AVG Secure Search

    Folder Found : C:\Users\sunnyjones\AppData\LocalLow\AVG Secure Search

    ***** [Registry] *****

    Key Found : HKCU\Software\Alexa Internet

    Key Found : HKCU\Software\AVG Secure Search

    Key Found : HKCU\Software\InstallCore

    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

    Key Found : HKLM\Software\AVG Secure Search

    Key Found : HKLM\Software\AVG Security Toolbar

    Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

    Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

    Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

    Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}

    Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

    Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

    Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

    Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}

    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}

    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}

    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

    Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

    Key Found : HKLM\Software\Supreme Savings

    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

    Key Found : HKLM\SOFTWARE\Tarma Installer

    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

    Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

    ***** [internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16476

    [OK] Registry is clean.

    -\\ Mozilla Firefox v20.0.1 (en-US)

    File : C:\Users\sunnyjones\AppData\Roaming\Mozilla\Firefox\Profiles\74v95my7.default\prefs.js

    [OK] File is clean.

    -\\ Google Chrome v26.0.1410.64

    File : C:\Users\sunnyjones\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Found [l.2818] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://search.babylon.com/?affID=110803&tt=031012_IKAN_4012_1&babsrc=HP_ss&mntrId=9878b9e90000000000003cd92b2802d0", "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={79D83CC3-9672-11E2-AF25-3CD92B2802D0}", "hxxp://search.conduit.com/?ctid=CT3287528&SearchSource=48&CUI=UN20271217581892818&UM=2", "hxxp://www.amazon.com/websearch/ref=bit_bds-p23_serp_cr_us_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_61b1d8e290eb44939a82afad9307c057_39_1006_20130410_US_cr_sp_" ]

    *************************

    AdwCleaner[R1].txt - [14789 octets] - [22/04/2013 20:09:01]

    ########## EOF - C:\AdwCleaner[R1].txt - [14850 octets] ##########

  12. Hi, OTL fix log!

    All processes killed

    ========== OTL ==========

    No active process named FinallyFast.exe was found!

    No active process named ApcMain.exe was found!

    No active process named avgui.exe was found!

    No active process named avgidsagent.exe was found!

    No active process named vprot.exe was found!

    Process ToolbarUpdater.exe killed successfully!

    No active process named avgwdsvc.exe was found!

    No active process named SchedulerService.exe was found!

    No active process named PMonitor.exe was found!

    No active process named ASCTray.exe was found!

    No active process named ASCService.exe was found!

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ deleted successfully.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ not found.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ deleted successfully.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ not found.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ deleted successfully.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ not found.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ not found.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.

    HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

    HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

    HKEY_USERS\S-1-5-21-3993016273-2347322539-148929479-1002\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

    Registry key HKEY_USERS\S-1-5-21-3993016273-2347322539-148929479-1002\Software\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ not found.

    64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.

    64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.

    C:\Users\sunnyjones\AppData\Roaming\Mozilla\Extensions folder moved successfully.

    C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.

    C:\Program Files (x86)\Mozilla Firefox\extensions folder moved successfully.

    64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}\ deleted successfully.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}\ deleted successfully.

    64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.

    Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.

    Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ .

    File move failed. C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll scheduled to be moved on reboot.

    Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} not found.

    Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ .

    File move failed. C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll scheduled to be moved on reboot.

    Registry value HKEY_USERS\S-1-5-21-3993016273-2347322539-148929479-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.

    Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ .

    File move failed. C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll scheduled to be moved on reboot.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Conime deleted successfully.

    Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

    Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{68BCFFE1-A2DA-4B40-9068-87ECBFC19D16}\ deleted successfully.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{68BCFFE1-A2DA-4B40-9068-87ECBFC19D16}\ deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\ deleted successfully.

    File Protocol\Handler\linkscanner - No CLSID value found not found.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.

    File Protocol\Handler\livecall - No CLSID value found not found.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.

    File Protocol\Handler\msnim - No CLSID value found not found.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.

    File Protocol\Handler\wlmailhtml - No CLSID value found not found.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.

    File Protocol\Handler\wlpg - No CLSID value found not found.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\ not found.

    File Protocol\Handler\linkscanner - No CLSID value found not found.

    64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

    ========== COMMANDS ==========

    [EMPTYJAVA]

    User: All Users

    User: Default

    User: Default User

    User: Public

    User: sunnyjones

    ->Java cache emptied: 5715807 bytes

    Total Java Files Cleaned = 5.00 mb

    [EMPTYFLASH]

    User: All Users

    User: Default

    User: Default User

    User: Public

    User: sunnyjones

    ->Flash cache emptied: 14219 bytes

    Total Flash Files Cleaned = 0.00 mb

    [EMPTYTEMP]

    User: All Users

    User: Default

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Default User

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 0 bytes

    User: Public

    User: sunnyjones

    ->Temp folder emptied: 444930717 bytes

    ->Temporary Internet Files folder emptied: 254408475 bytes

    ->Java cache emptied: 0 bytes

    ->FireFox cache emptied: 8457695 bytes

    ->Google Chrome cache emptied: 387297739 bytes

    ->Flash cache emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes

    %systemroot% .tmp files removed: 0 bytes

    %systemroot%\System32 .tmp files removed: 0 bytes

    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes

    %systemroot%\System32\drivers .tmp files removed: 0 bytes

    Windows Temp folder emptied: 416179083 bytes

    %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 10316158 bytes

    %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes

    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67630 bytes

    %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes

    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 1,451.00 mb

    C:\Windows\System32\drivers\etc\Hosts moved successfully.

    HOSTS file reset successfully

    Restore point Set: OTL Restore Point

    OTL by OldTimer - Version 3.2.69.0 log created on 04222013_192820

    Files\Folders moved on Reboot...

    File move failed. C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll scheduled to be moved on reboot.

    C:\Users\sunnyjones\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...

  13. Part 3

    O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

    O2:64bit: - BHO: (no name) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - No CLSID value found.

    O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.

    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.

    O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)

    O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll (Symantec Corporation)

    O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

    O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll File not found

    O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

    O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

    O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll File not found

    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)

    O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

    O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll File not found

    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)

    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)

    O3 - HKU\S-1-5-21-3993016273-2347322539-148929479-1002\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)

    O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()

    O4:64bit: - HKLM..\Run: [intelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)

    O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)

    O4 - HKLM..\Run: [] File not found

    O4 - HKLM..\Run: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe ()

    O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)

    O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found

    O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)

    O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)

    O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)

    O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

    O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()

    O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

    O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

    O4 - HKU\S-1-5-21-3993016273-2347322539-148929479-1002..\Run: [Advanced SystemCare 4] C:\Program Files (x86)\PC Medic\ASCTray.exe (Defender Pro)

    O4 - HKU\S-1-5-21-3993016273-2347322539-148929479-1002..\Run: [spotify] C:\Users\sunnyjones\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)

    O4 - HKU\S-1-5-21-3993016273-2347322539-148929479-1002..\Run: [spotify Web Helper] C:\Users\sunnyjones\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)

    O4 - HKU\.DEFAULT..\RunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" File not found

    O4 - HKU\S-1-5-18..\RunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" File not found

    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

    O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - Reg Error: Key error. File not found

    O13:64bit: - gopher Prefix: missing

    O13 - gopher Prefix: missing

    O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

    O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Reg Error: Value error.)

    O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)

    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.15.2)

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8445F7AB-EF8C-4619-B882-39F55811BDD9}: DhcpNameServer = 192.168.1.1

    O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found

    O18:64bit: - Protocol\Handler\livecall - No CLSID value found

    O18:64bit: - Protocol\Handler\msnim - No CLSID value found

    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

    O18 - Protocol\Handler\linkscanner - No CLSID value found

    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

    O32 - HKLM CDRom: AutoRun - 1

    O32 - AutoRun File - [2011/02/10 19:02:00 | 000,000,016 | R--- | M] () - E:\AUTOPLAY.BAT -- [ UDF ]

    O32 - AutoRun File - [2011/02/10 19:02:00 | 000,000,055 | R--- | M] () - E:\AUTORUN.INF -- [ UDF ]

    O33 - MountPoints2\{ad6f8475-f14f-11e0-9c1f-806e6f6e6963}\Shell - "" = AutoRun

    O33 - MountPoints2\{ad6f8475-f14f-11e0-9c1f-806e6f6e6963}\Shell\AutoRun\command - "" = E:\PopCDRun.exe -- [2011/02/10 19:00:44 | 000,300,376 | R--- | M] ()

    O34 - HKLM BootExecute: (/sync /restart)

    O34 - HKLM BootExecute: (/sync /restart)

    O34 - HKLM BootExecute: (/sync /restart)

    O34 - HKLM BootExecute: (/sync /restart)

    O34 - HKLM BootExecute: (/sync /restart)

    O35:64bit: - HKLM\..comfile [open] -- "%1" %*

    O35:64bit: - HKLM\..exefile [open] -- "%1" %*

    O35 - HKLM\..comfile [open] -- "%1" %*

    O35 - HKLM\..exefile [open] -- "%1" %*

    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

    O37 - HKLM\...com [@ = comfile] -- "%1" %*

    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/04/22 14:17:20 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT

    [2013/04/22 14:16:40 | 000,000,000 | ---D | C] -- C:\JRT

    [2013/04/22 13:45:23 | 000,000,000 | ---D | C] -- C:\Users\sunnyjones\AppData\Roaming\Malwarebytes

    [2013/04/22 13:45:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

    [2013/04/22 13:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

    [2013/04/22 13:44:56 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

    [2013/04/22 13:44:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

    [2013/04/22 12:40:13 | 000,000,000 | ---D | C] -- C:\Users\sunnyjones\AppData\Local\Macromedia

    [2013/04/22 12:16:43 | 000,000,000 | ---D | C] -- C:\Users\sunnyjones\AppData\Roaming\Mozilla

    [2013/04/22 12:16:43 | 000,000,000 | ---D | C] -- C:\Users\sunnyjones\AppData\Local\Mozilla

    [2013/04/22 12:16:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla

    [2013/04/22 12:16:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service

    [2013/04/16 16:11:48 | 000,000,000 | ---D | C] -- C:\Users\sunnyjones\AppData\Roaming\Jumb-O-Fun Games

    [2013/04/16 10:28:58 | 000,000,000 | ---D | C] -- C:\Users\sunnyjones\AppData\Roaming\casualArts

    [2013/04/16 10:28:58 | 000,000,000 | ---D | C] -- C:\ProgramData\casualArts

    [2013/04/11 10:37:26 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

    [2013/04/11 10:37:25 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

    [2013/04/11 10:37:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

    [2013/04/11 10:37:19 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

    [2013/04/11 10:37:18 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

    [2013/04/11 10:37:18 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

    [2013/04/11 10:37:18 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

    [2013/04/11 10:37:17 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

    [2013/04/11 10:37:16 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

    [2013/04/11 10:37:16 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

    [2013/04/11 10:37:15 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

    [2013/04/11 10:37:14 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

    [2013/04/11 10:37:08 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

    [2013/04/11 10:37:08 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

    [2013/04/11 10:37:07 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

    [2013/04/10 08:13:24 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

    [2013/04/10 08:13:15 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

    [2013/04/10 08:13:15 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

    [2013/04/10 08:13:14 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe

    [2013/04/10 08:13:14 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll

    [2013/04/10 08:13:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll

    [2013/04/09 20:44:10 | 000,000,000 | ---D | C] -- C:\components

    [2013/04/09 19:04:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon

    [2013/04/09 19:00:46 | 000,020,312 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe

    [2013/04/09 18:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascentive

    [2013/04/09 18:55:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ascentive

    [2013/04/09 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\sunnyjones\AppData\Local\CRE

    [2013/04/05 15:22:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

    [2013/04/04 22:45:33 | 000,000,000 | ---D | C] -- C:\Users\sunnyjones\AppData\Roaming\Nitreal Games

    [2013/04/01 20:16:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup

    [2013/03/31 19:24:38 | 000,000,000 | ---D | C] -- C:\d1b25e1f013d088336ea

    [2013/03/26 19:46:06 | 000,000,000 | ---D | C] -- C:\Users\sunnyjones\AppData\Roaming\player

    [2013/03/26 18:10:02 | 000,000,000 | ---D | C] -- C:\Users\sunnyjones\AppData\Local\Programs

    [2013/03/26 18:09:30 | 000,000,000 | -HSD | C] -- C:\AI_RecycleBin

    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/04/22 16:42:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

    [2013/04/22 16:34:02 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3993016273-2347322539-148929479-1002UA.job

    [2013/04/22 16:34:02 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3993016273-2347322539-148929479-1002Core.job

    [2013/04/22 15:49:59 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

    [2013/04/22 15:49:59 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

    [2013/04/22 15:41:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

    [2013/04/22 15:40:56 | 1292,034,048 | -HS- | M] () -- C:\hiberfil.sys

    [2013/04/22 14:45:49 | 000,014,383 | ---- | M] () -- C:\Users\sunnyjones\Desktop\jrt.rtf

    [2013/04/22 13:45:07 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

    [2013/04/22 13:32:24 | 298,320,866 | ---- | M] () -- C:\Windows\MEMORY.DMP

    [2013/04/22 13:09:00 | 000,000,512 | ---- | M] () -- C:\Users\sunnyjones\Documents\MBR.dat

    [2013/04/22 12:16:33 | 000,001,107 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

    [2013/04/22 12:12:44 | 000,001,156 | ---- | M] () -- C:\Users\sunnyjones\Desktop\Continue Firefox Installation.lnk

    [2013/04/15 20:49:50 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForsunnyjones.job

    [2013/04/14 15:48:21 | 000,623,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

    [2013/04/14 15:48:21 | 000,105,956 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

    [2013/04/14 15:48:20 | 000,724,192 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

    [2013/04/11 15:15:01 | 000,281,600 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

    [2013/04/09 20:40:28 | 000,000,866 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog

    [2013/04/09 18:55:52 | 000,001,199 | ---- | M] () -- C:\Users\sunnyjones\Application Data\Microsoft\Internet Explorer\Quick Launch\Performance Center.lnk

    [2013/04/09 18:55:51 | 000,001,157 | ---- | M] () -- C:\Users\sunnyjones\Application Data\Microsoft\Internet Explorer\Quick Launch\Finally Fast.lnk

    [2013/04/08 16:10:12 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForSUNNYJONES-HP$.job

    [2013/04/05 15:22:23 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk

    [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

    [2013/04/01 20:15:50 | 000,774,388 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

    [2013/04/01 20:11:18 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

    [2013/04/01 20:11:17 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/04/22 14:45:48 | 000,014,383 | ---- | C] () -- C:\Users\sunnyjones\Desktop\jrt.rtf

    [2013/04/22 13:45:05 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

    [2013/04/22 13:09:00 | 000,000,512 | ---- | C] () -- C:\Users\sunnyjones\Documents\MBR.dat

    [2013/04/22 12:16:33 | 000,001,107 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

    [2013/04/22 12:16:30 | 000,001,021 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

    [2013/04/22 12:12:44 | 000,001,156 | ---- | C] () -- C:\Users\sunnyjones\Desktop\Continue Firefox Installation.lnk

    [2013/04/09 18:55:51 | 000,001,199 | ---- | C] () -- C:\Users\sunnyjones\Application Data\Microsoft\Internet Explorer\Quick Launch\Performance Center.lnk

    [2013/04/09 18:55:51 | 000,001,157 | ---- | C] () -- C:\Users\sunnyjones\Application Data\Microsoft\Internet Explorer\Quick Launch\Finally Fast.lnk

    [2013/04/09 18:20:09 | 000,000,866 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog

    [2012/12/27 12:30:58 | 000,000,580 | ---- | C] () -- C:\Users\sunnyjones\AppData\Local\cookies.ini

    [2012/06/27 07:35:16 | 000,450,560 | ---- | C] () -- C:\Windows\SysWow64\AscSQLite.dll

    [2011/11/07 12:58:33 | 000,774,388 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

    [2011/10/15 18:00:52 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll

    [2011/07/19 22:21:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

    [2011/07/19 22:10:52 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe

    ========== ZeroAccess Check ==========

    [2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    "" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========

    [2011/12/21 14:19:20 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Temp

    [2012/10/13 10:00:56 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software

    [2011/12/21 14:19:20 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Temp

    [2012/10/13 10:00:56 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1

    < End of report >

  14. Part 2

    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQNOT/1

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/CQNOT/1

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}

    IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=CPNTDF

    IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF

    IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

    IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}

    IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQNOT/1

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

    IE - HKLM\..\SearchScopes,DefaultScope = {06FAEB75-D494-4BF6-934C-092B64AC042B}

    IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}

    IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox

    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}

    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

    IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

    IE - HKU\S-1-5-21-3993016273-2347322539-148929479-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=EIE9HP&PC=UP50

    IE - HKU\S-1-5-21-3993016273-2347322539-148929479-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

    IE - HKU\S-1-5-21-3993016273-2347322539-148929479-1002\..\SearchScopes,DefaultScope = {06FAEB75-D494-4BF6-934C-092B64AC042B}

    IE - HKU\S-1-5-21-3993016273-2347322539-148929479-1002\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}

    IE - HKU\S-1-5-21-3993016273-2347322539-148929479-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1

    FF - user.js - File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()

    FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()

    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()

    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\sunnyjones\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\sunnyjones\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

    FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\sunnyjones\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2012/02/13 01:42:28 | 000,000,000 | ---D | M]

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2 [2013/04/22 15:41:24 | 000,000,000 | ---D | M]

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [2013/02/24 23:56:09 | 000,000,000 | ---D | M]

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/22 15:38:03 | 000,000,000 | ---D | M]

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

    [2013/04/22 12:17:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sunnyjones\AppData\Roaming\Mozilla\Extensions

    [2013/04/22 12:16:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

    [2013/04/10 00:58:33 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

    [2013/04/10 00:57:54 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

    [2013/04/10 00:57:54 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

    ========== Chrome ==========

    CHR - default_search_provider: amazon.com (Enabled)

    CHR - default_search_provider: search_url = http://www.amazon.com/s/ref=nb_sb_ss_i_1_4?url=search-alias%3Daps&field-keywords={searchTerms}&sprefix=wood%2Caps%2C947

    CHR - default_search_provider: suggest_url =

    CHR - homepage: http://www.google.com/

    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

    CHR - plugin: Native Client (Enabled) = C:\Users\sunnyjones\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll

    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\sunnyjones\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll

    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\sunnyjones\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll

    CHR - plugin: AVG Internet Security (Enabled) = C:\Users\sunnyjones\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll

    CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

    CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll

    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

    CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll

    CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll

    CHR - plugin: Windows Live\u00C3\u201A? Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    CHR - plugin: Unity Player (Enabled) = C:\Users\sunnyjones\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

    CHR - plugin: Google Update (Enabled) = C:\Users\sunnyjones\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

    CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll

    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

    CHR - Extension: YouTube = C:\Users\sunnyjones\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

    CHR - Extension: Google Search = C:\Users\sunnyjones\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

    CHR - Extension: AVG Security Toolbar = C:\Users\sunnyjones\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.2.0.1_0\

    CHR - Extension: Gmail = C:\Users\sunnyjones\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

  15. Hi, OTL log

    OTL logfile created on: 4/22/2013 4:35:06 PM - Run 1

    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\sunnyjones\Downloads

    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

    Internet Explorer (Version = 9.0.8112.16421)

    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1.60 Gb Total Physical Memory | 0.44 Gb Available Physical Memory | 27.63% Memory free

    3.21 Gb Paging File | 1.30 Gb Available in Paging File | 40.54% Paging File free

    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

    Drive C: | 218.92 Gb Total Space | 130.03 Gb Free Space | 59.40% Space Free | Partition Type: NTFS

    Drive D: | 13.67 Gb Total Space | 1.70 Gb Free Space | 12.46% Space Free | Partition Type: NTFS

    Drive E: | 551.34 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

    Drive G: | 99.18 Mb Total Space | 89.04 Mb Free Space | 89.77% Space Free | Partition Type: FAT32

    Computer Name: SUNNYJONES-HP | User Name: sunnyjones | Logged in as Administrator.

    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/04/22 16:33:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\sunnyjones\Downloads\OTL.scr

    PRC - [2013/04/18 00:45:44 | 004,555,776 | ---- | M] (Spotify Ltd) -- C:\Users\sunnyjones\AppData\Roaming\Spotify\spotify.exe

    PRC - [2013/04/18 00:45:42 | 001,105,408 | ---- | M] (Spotify Ltd) -- C:\Users\sunnyjones\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

    PRC - [2013/04/10 00:58:15 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

    PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    PRC - [2013/04/02 23:57:54 | 001,872,584 | ---- | M] (Ascentive LLC) -- C:\Program Files (x86)\Ascentive\Finally Fast\FinallyFast.exe

    PRC - [2013/04/02 02:51:52 | 000,647,880 | ---- | M] (Ascentive) -- C:\Program Files (x86)\Ascentive\Performance Center\ApcMain.exe

    PRC - [2013/04/01 20:11:17 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe

    PRC - [2013/03/13 17:15:00 | 004,394,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe

    PRC - [2013/02/27 23:42:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

    PRC - [2013/02/25 00:21:32 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe

    PRC - [2013/02/25 00:21:32 | 000,968,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe

    PRC - [2013/02/19 04:02:02 | 000,282,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

    PRC - [2012/12/18 07:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    PRC - [2012/11/05 02:50:12 | 000,377,800 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe

    PRC - [2012/09/28 15:42:08 | 000,298,376 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe

    PRC - [2012/09/28 15:19:16 | 007,392,648 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

    PRC - [2012/03/26 15:58:48 | 000,735,352 | ---- | M] (CyberDefender Corp.) -- C:\Program Files (x86)\CyberDefender\SchedulerService\SchedulerService.exe

    PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

    PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

    PRC - [2011/08/19 15:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

    PRC - [2011/08/12 12:25:54 | 000,803,512 | ---- | M] (IObit) -- C:\Program Files (x86)\PC Medic\PMonitor.exe

    PRC - [2011/08/12 12:25:50 | 000,615,608 | ---- | M] (Defender Pro) -- C:\Program Files (x86)\PC Medic\ASCTray.exe

    PRC - [2011/08/12 12:25:50 | 000,352,952 | ---- | M] (IObit) -- C:\Program Files (x86)\PC Medic\ASCService.exe

    PRC - [2011/07/11 15:04:44 | 000,574,008 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

    PRC - [2011/07/11 15:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

    PRC - [2011/07/06 20:13:48 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

    PRC - [2011/04/16 18:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe

    PRC - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

    PRC - [2010/11/26 08:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

    PRC - [2010/09/03 00:45:02 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe

    ========== Modules (No Company Name) ==========

    MOD - [2013/04/18 00:45:44 | 024,985,600 | ---- | M] () -- C:\Users\sunnyjones\AppData\Roaming\Spotify\Data\libcef.dll

    MOD - [2013/04/10 00:58:18 | 003,133,336 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

    MOD - [2013/04/01 20:11:13 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll

    MOD - [2013/02/25 00:21:32 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe

    MOD - [2013/02/25 00:21:32 | 000,156,848 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll

    MOD - [2012/11/05 02:50:12 | 000,377,800 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe

    MOD - [2012/08/06 03:54:24 | 009,843,640 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll

    MOD - [2011/08/12 12:25:54 | 000,346,808 | ---- | M] () -- C:\Program Files (x86)\PC Medic\madexcept_.bpl

    MOD - [2011/08/12 12:25:52 | 000,178,872 | ---- | M] () -- C:\Program Files (x86)\PC Medic\madbasic_.bpl

    MOD - [2011/08/12 12:25:52 | 000,046,264 | ---- | M] () -- C:\Program Files (x86)\PC Medic\maddisAsm_.bpl

    MOD - [2010/11/11 03:24:31 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll

    MOD - [2010/07/13 07:07:23 | 007,826,432 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll

    MOD - [2010/07/05 03:19:39 | 000,116,736 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll

    MOD - [2010/06/23 19:16:19 | 002,150,400 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll

    MOD - [2010/06/01 23:05:40 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll

    MOD - [2010/06/01 20:56:04 | 000,232,960 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll

    MOD - [2010/06/01 20:54:24 | 002,530,816 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll

    MOD - [2010/06/01 20:29:22 | 000,934,912 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll

    MOD - [2010/06/01 20:28:00 | 000,335,360 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll

    ========== Services (SafeList) ==========

    SRV:64bit: - [2011/03/04 13:50:26 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

    SRV:64bit: - [2011/03/04 13:44:40 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)

    SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

    SRV:64bit: - [2010/08/05 20:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)

    SRV:64bit: - [2010/07/21 15:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)

    SRV:64bit: - [2010/06/17 07:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)

    SRV:64bit: - [2009/11/17 20:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)

    SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

    SRV - [2013/04/10 00:58:17 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

    SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

    SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

    SRV - [2013/04/01 20:11:18 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

    SRV - [2013/02/27 23:42:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)

    SRV - [2013/02/25 00:21:32 | 000,968,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)

    SRV - [2013/02/19 04:02:02 | 000,282,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)

    SRV - [2012/12/18 07:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

    SRV - [2012/09/28 15:19:16 | 007,392,648 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)

    SRV - [2012/03/26 15:58:48 | 000,735,352 | ---- | M] (CyberDefender Corp.) [Auto | Running] -- C:\Program Files (x86)\CyberDefender\SchedulerService\SchedulerService.exe -- (CDScheduler)

    SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

    SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

    SRV - [2011/08/12 12:25:50 | 000,352,952 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\PC Medic\ASCService.exe -- (AdvancedSystemCareService)

    SRV - [2011/07/11 15:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)

    SRV - [2011/04/16 18:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe -- (NIS)

    SRV - [2011/03/01 22:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)

    SRV - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)

    SRV - [2010/11/26 08:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)

    SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)

    SRV - [2010/09/03 00:45:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe -- (McComponentHostService)

    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

    SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

    DRV:64bit: - [2013/02/26 23:40:46 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)

    DRV:64bit: - [2013/02/25 00:21:32 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)

    DRV:64bit: - [2013/02/14 03:52:46 | 000,239,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)

    DRV:64bit: - [2013/02/08 04:37:56 | 000,116,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)

    DRV:64bit: - [2013/02/08 04:37:54 | 000,311,096 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)

    DRV:64bit: - [2013/02/08 04:37:50 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)

    DRV:64bit: - [2013/02/08 04:37:42 | 000,206,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)

    DRV:64bit: - [2013/02/08 04:37:40 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)

    DRV:64bit: - [2012/12/06 04:30:08 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

    DRV:64bit: - [2012/12/06 04:30:03 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

    DRV:64bit: - [2012/12/06 04:29:59 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

    DRV:64bit: - [2012/09/28 15:14:58 | 000,040,320 | ---- | M] (Belcarra Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btblan.sys -- (Leapfrog-USBLAN)

    DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

    DRV:64bit: - [2011/12/05 17:33:38 | 001,145,448 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)

    DRV:64bit: - [2011/10/15 18:00:08 | 001,451,056 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

    DRV:64bit: - [2011/10/08 00:57:04 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)

    DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

    DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

    DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

    DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

    DRV:64bit: - [2011/08/01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)

    DRV:64bit: - [2011/08/01 16:59:06 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)

    DRV:64bit: - [2011/05/18 09:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)

    DRV:64bit: - [2011/04/20 19:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symnets.sys -- (SymNetS)

    DRV:64bit: - [2011/03/30 21:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtsp64.sys -- (SRTSP)

    DRV:64bit: - [2011/03/30 21:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtspx64.sys -- (SRTSPX)

    DRV:64bit: - [2011/03/14 20:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symefa64.sys -- (SymEFA)

    DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

    DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

    DRV:64bit: - [2011/03/05 01:16:20 | 000,436,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

    DRV:64bit: - [2011/03/04 16:01:18 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

    DRV:64bit: - [2011/03/04 13:16:48 | 000,295,424 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

    DRV:64bit: - [2011/02/15 13:37:10 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)

    DRV:64bit: - [2011/01/27 00:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symds64.sys -- (SymDS)

    DRV:64bit: - [2011/01/26 23:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\ironx64.sys -- (SymIRON)

    DRV:64bit: - [2010/11/29 06:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)

    DRV:64bit: - [2010/11/20 21:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

    DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

    DRV:64bit: - [2010/11/11 20:16:00 | 000,037,504 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)

    DRV:64bit: - [2010/11/11 20:15:58 | 000,077,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)

    DRV:64bit: - [2010/07/28 09:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)

    DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)

    DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

    DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

    DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

    DRV:64bit: - [2009/06/10 15:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)

    DRV:64bit: - [2009/06/10 15:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)

    DRV:64bit: - [2009/06/10 15:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)

    DRV:64bit: - [2009/06/10 14:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)

    DRV:64bit: - [2009/06/10 14:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)

    DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

    DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

    DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

    DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

    DRV - [2011/11/21 15:32:23 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111206.018\EX64.SYS -- (NAVEX15)

    DRV - [2011/11/21 15:32:23 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111206.018\ENG64.SYS -- (NAVENG)

    DRV - [2011/11/14 13:28:01 | 001,156,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20111123.001\BHDrvx64.sys -- (BHDrvx64)

    DRV - [2011/11/09 12:59:55 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)

    DRV - [2011/10/07 15:04:12 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20111206.001\IDSviA64.sys -- (IDSVia64)

    DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

    ========== Standard Registry (SafeList) ==========

  16. Hi, the Junkware Removal Tool log.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Junkware Removal Tool (JRT) by Thisisu

    Version: 4.8.8 (04.21.2013:2)

    OS: Windows 7 Home Premium x64

    Ran by sunnyjones on Mon 04/22/2013 at 14:17:27.63

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    ~~~ Services

    Failed to stop: [service] yontoo desktop updater

    ~~~ Registry Values

    Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\yontoo desktop

    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page

    Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page

    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page

    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page

    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page

    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3993016273-2347322539-148929479-1002\Software\Microsoft\Internet Explorer\Main\\Start Page

    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page

    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs

    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminent

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduit

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduitsearchscopes

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\crossrider

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\pricegong

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\scripthelper.exe

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\viprotocol.dll

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\yontooieclient.dll

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\giant savings_rasapi32

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\giant savings_rasmancs

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\iminent_rasapi32

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\iminent_rasmancs

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\iminentsetup_rasapi32

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\iminentsetup_rasmancs

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasapi32

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasmancs

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT3277370

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT3287528

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{06FAEB75-D494-4BF6-934C-092B64AC042B}

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB0315A7-38D3-4D8D-8221-622466BF577F}

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

    Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}

    Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}

    ~~~ Files

    Successfully deleted: [File] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ebay.lnk"

    Successfully deleted: [File] "C:\end"

    Successfully deleted: [File] C:\Windows\syswow64\sho13D5.tmp

    Successfully deleted: [File] C:\Windows\syswow64\sho1DAC.tmp

    Successfully deleted: [File] C:\Windows\syswow64\sho265A.tmp

    Successfully deleted: [File] C:\Windows\syswow64\sho28AC.tmp

    Successfully deleted: [File] C:\Windows\syswow64\sho3515.tmp

    Successfully deleted: [File] C:\Windows\syswow64\sho3734.tmp

    Successfully deleted: [File] C:\Windows\syswow64\sho41.tmp

    Successfully deleted: [File] C:\Windows\syswow64\sho45DC.tmp

    Successfully deleted: [File] C:\Windows\syswow64\sho58DD.tmp

    Successfully deleted: [File] C:\Windows\syswow64\sho78DF.tmp

    Successfully deleted: [File] C:\Windows\syswow64\sho8C87.tmp

    Successfully deleted: [File] C:\Windows\syswow64\sho9380.tmp

    Successfully deleted: [File] C:\Windows\syswow64\sho9844.tmp

    Successfully deleted: [File] C:\Windows\syswow64\shoBEB9.tmp

    Successfully deleted: [File] C:\Windows\syswow64\shoF1E7.tmp

    Successfully deleted: [File] C:\Windows\syswow64\shoF345.tmp

    Successfully deleted: [File] "C:\Windows\couponprinter.ocx"

    ~~~ Folders

    Successfully deleted: [Folder] "C:\ProgramData\babylon"

    Successfully deleted: [Folder] "C:\ProgramData\strongvault online backup"

    Successfully deleted: [Folder] "C:\ProgramData\tarma installer"

    Successfully deleted: [Folder] "C:\Users\sunnyjones\AppData\Roaming\babylon"

    Successfully deleted: [Folder] "C:\Users\sunnyjones\AppData\Roaming\strongvault"

    Successfully deleted: [Folder] "C:\Users\sunnyjones\AppData\Roaming\systweak"

    Successfully deleted: [Folder] "C:\Users\sunnyjones\AppData\Roaming\yontoo"

    Successfully deleted: [Folder] "C:\Users\sunnyjones\appdata\local\conduit"

    Successfully deleted: [Folder] "C:\Users\sunnyjones\appdata\local\supreme savings"

    Successfully deleted: [Folder] "C:\Users\sunnyjones\appdata\locallow\conduit"

    Successfully deleted: [Folder] "C:\Users\sunnyjones\appdata\locallow\pricegong"

    Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"

    Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"

    Successfully deleted: [Folder] "C:\Program Files (x86)\iminent"

    Successfully deleted: [Folder] "C:\Program Files (x86)\optimizer pro"

    Successfully deleted: [Folder] "C:\Program Files (x86)\yontoo"

    Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{0C73FE90-BA2E-44D4-934D-1ADA7646DB69}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{13E61B32-D2C5-4F0F-A2BC-316233707B0A}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{19C1C800-038D-4C30-953E-670B6BA9A995}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{1E65E326-CE48-408F-BD43-AEEC0CB96BAB}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{29AFAE87-18A5-4CFD-A4A5-D0B533DADB2A}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{2D2DE8CD-6BBF-4557-94D5-FE02845A3038}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{4151327F-48A9-417D-A029-1547C5A4ABCD}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{4C0268FA-EA4C-48B3-B022-7F6B5821CB57}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{4E012648-9DB7-42BF-887F-9637FAAD8BFD}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{62071559-8605-4C67-9006-EDE070400D3F}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{62986C29-17D1-4036-9AE1-A4F6DFCA0A5D}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{68227CC1-7EFB-4B8D-89EE-1CD022003F72}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{725AD65F-F4BE-4E28-8580-5877F8DAE4C0}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{73268FBC-00DA-42F0-90A2-3A75CB481FCE}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{75D7289C-1418-426C-9F8D-2115D56AFFCB}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{880A7E31-2C41-4A3B-94E8-BCA93452E204}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{A268656F-3664-4718-9021-A990ADB093A8}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{A499F49C-A2CB-46F2-8146-52A140309E99}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{A72623F5-7EBA-4834-95DE-9121A0D7700A}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{AF6FE874-99A2-4D63-B245-9037B61CAE64}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{C1740D4D-7EE6-4A61-952A-F464AD95E08D}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{C1FE0A3C-830A-4970-896A-16D77C2DFC3A}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{C61A7651-E56F-407B-9471-8F4EB7F51A38}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{D4DAD1E4-F61C-491C-8B55-6FB08C778062}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{D8E34C06-51DB-447E-9735-F1F9E9326702}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{E3EB346C-B606-4BBC-81F6-4F5B13AAA72D}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{EA9FF252-B1E9-41D5-AD0F-2F9BAE689703}

    Successfully deleted: [Empty Folder] C:\Users\sunnyjones\appdata\local\{F9774308-0FD2-4566-9123-1B99B720EA5C}

    ~~~ FireFox

    Successfully deleted: [Registry Value] hkey_local_machine\software\mozilla\firefox\extensions\\{c4cfc0de-134f-4466-b2a2-ff7c59a8bfad}

    ~~~ Chrome

    Successfully deleted: [Registry Key] hkey_local_machine\software\policies\google\chrome\extensioninstallforcelist

    Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\niapdbllcanepiiimjjndipklodoedlc

    ~~~ Event Viewer Logs were cleared

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Scan was completed on Mon 04/22/2013 at 14:42:39.74

    End of JRT log

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  17. Hi

    I didn't save the aswMBR log; it had some things I did not want to post!

    Malwarebytes log

    Malwarebytes Anti-Malware (Trial) 1.75.0.1300

    www.malwarebytes.org

    Database version: v2013.04.22.08

    Windows 7 Service Pack 1 x64 NTFS

    Internet Explorer 9.0.8112.16421

    sunnyjones :: SUNNYJONES-HP [administrator]

    Protection: Enabled

    4/22/2013 1:48:27 PM

    mbam-log-2013-04-22 (13-48-27).txt

    Scan type: Quick scan

    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

    Scan options disabled: P2P

    Objects scanned: 217561

    Time elapsed: 18 minute(s), 49 second(s)

    Memory Processes Detected: 0

    (No malicious items detected)

    Memory Modules Detected: 0

    (No malicious items detected)

    Registry Keys Detected: 0

    (No malicious items detected)

    Registry Values Detected: 0

    (No malicious items detected)

    Registry Data Items Detected: 0

    (No malicious items detected)

    Folders Detected: 0

    (No malicious items detected)

    Files Detected: 6

    C:\Users\sunnyjones\AppData\Local\Temp\DNS.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

    C:\Users\sunnyjones\Downloads\GameNutt_UnlockGames (1).exe (PUP.BundleInstaller.OI) -> Quarantined and deleted successfully.

    C:\Users\sunnyjones\Downloads\GameNutt_UnlockGames (2).exe (PUP.BundleInstaller.OI) -> Quarantined and deleted successfully.

    C:\Users\sunnyjones\Downloads\GameNutt_UnlockGames.exe (PUP.BundleInstaller.OI) -> Quarantined and deleted successfully.

    C:\Users\sunnyjones\Downloads\IWantThis.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.

    C:\Users\sunnyjones\Local Settings\Temporary Internet Files\Content.IE5\CAGW44CY\DNS[1].exe (Trojan.Dropper) -> Quarantined and deleted successfully.

    (end)