Page 1 of 4 123 ... LastLast
Results 1 to 10 of 34
  1. #1
    Member Jadyn's Avatar
    Join Date
    Apr 2004
    Posts
    89
    Points
    2

    Default Possible Virus/Trojan/Browser HiJacker or all of the above....

    Hey,

    It's been a long while since I've had to use your help but today I noticed my msn page being rerouted to some site I didn't know. I figure I have a possible Virus/Trojan/Browser HiJacker or all of the above. So I came here and started all the downloads and spyware cleaning. I've noticed for awhile now my computer has been running fairly slow but until I saw the hijacked browser I didn't think I had a virus. If you could help me get my computer running properly again, I'd definitely appreciate it.

    I have a Toshiba Notebook. Windows Vista is the Operating System. Processor AMD Athlon(tm)64x 2Dual Core Processor TK-57 1.9 GHz, Memory(Ram) 3.0 GB, 32 Bit Operating System.

    Hopefully, you'll be able to figure this out. Thankyou in advance,

    Jadyn

    For some reason the "manage attachments" page is not working for me to let me put the attachments in this post, so I will just copy and paste them right to this.


    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 02/05/2013 at 05:57 PM

    Application Version : 5.6.1014

    Core Rules Database Version : 9973
    Trace Rules Database Version: 7785

    Scan type : Complete Scan
    Total Scan Time : 02:22:41

    Operating System Information
    Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
    UAC Off - Administrator

    Memory items scanned : 959
    Memory threats detected : 1
    Registry items scanned : 38896
    Registry threats detected : 109
    File items scanned : 71325
    File threats detected : 399

    PUP.MyWebSearch/FunWebProducts
    HKLM\SOFTWARE\Fun Web Products
    HKLM\SOFTWARE\Fun Web Products#JpegConversionLib
    HKLM\SOFTWARE\Fun Web Products\MSNMessenger
    HKLM\SOFTWARE\Fun Web Products\MSNMessenger#DLLFile
    HKLM\SOFTWARE\Fun Web Products\MSNMessenger#DLLDir
    HKLM\SOFTWARE\Fun Web Products\ScreenSaver
    HKLM\SOFTWARE\Fun Web Products\ScreenSaver#ImagesDir
    HKLM\SOFTWARE\Fun Web Products\Settings
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextNone.numActive
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextNone.0
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyFreqNone
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextUninstalled.numActive
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextUninstalled.0
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyFreqUninstalled
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.numActive2
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.numActive
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.1
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.2
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.3
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.4
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.5
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.6
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.7
    HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.8
    HKLM\SOFTWARE\FunWebProducts
    HKLM\SOFTWARE\FunWebProducts\Installer
    HKLM\SOFTWARE\FunWebProducts\Installer#Dir
    HKLM\SOFTWARE\FunWebProducts\Installer#CurInstall
    HKLM\SOFTWARE\FunWebProducts\Installer#sr
    HKLM\SOFTWARE\FunWebProducts\Installer#pl
    HKLM\SOFTWARE\MyWebSearch
    HKLM\SOFTWARE\MyWebSearch\bar
    HKLM\SOFTWARE\MyWebSearch\bar#pid
    HKLM\SOFTWARE\MyWebSearch\bar#fwp
    HKLM\SOFTWARE\MyWebSearch\bar#mwsask
    HKLM\SOFTWARE\MyWebSearch\bar#psid
    HKLM\SOFTWARE\MyWebSearch\bar#tiec
    HKLM\SOFTWARE\MyWebSearch\bar#Dir
    HKLM\SOFTWARE\MyWebSearch\bar#PluginPath
    HKLM\SOFTWARE\MyWebSearch\bar#UninstallString
    HKLM\SOFTWARE\MyWebSearch\bar#RegHookPath
    HKLM\SOFTWARE\MyWebSearch\bar#Id
    HKLM\SOFTWARE\MyWebSearch\bar#CurInstall
    HKLM\SOFTWARE\MyWebSearch\bar#SettingsDir
    HKLM\SOFTWARE\MyWebSearch\bar#sr
    HKLM\SOFTWARE\MyWebSearch\bar#pl
    HKLM\SOFTWARE\MyWebSearch\bar#HistoryDir
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#pid
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#fwp
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#mwsask
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#psid
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#esh
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#lsp
    HKLM\SOFTWARE\MyWebSearch\SearchAssistant#Id
    HKLM\SOFTWARE\MyWebSearch\SkinTools
    HKLM\SOFTWARE\MyWebSearch\SkinTools#PlayerPath
    HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
    HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}\TreatAs
    HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}
    HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}\TreatAs
    HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
    HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0
    HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\0
    HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\0\win32
    HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\FLAGS
    HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\HELPDIR
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
    HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib
    HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib#Version
    HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
    HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\ProxyStubClsid
    HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\ProxyStubClsid32
    HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib
    HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib#Version
    HKLM\Software\FocusInteractive
    HKLM\Software\FocusInteractive\bar
    HKLM\Software\FocusInteractive\bar\Switches
    HKLM\Software\FocusInteractive\bar\Switches#incmail.exe
    HKLM\Software\FocusInteractive\bar\Switches#msimn.exe
    HKLM\Software\FocusInteractive\bar\Switches#msn.exe
    HKLM\Software\FocusInteractive\bar\Switches#outlook.exe
    HKLM\Software\FocusInteractive\bar\Switches#waol.exe
    HKLM\Software\FocusInteractive\bar\Switches#aim.exe
    HKLM\Software\FocusInteractive\bar\Switches#icq.exe
    HKLM\Software\FocusInteractive\bar\Switches#icqlite.exe
    HKLM\Software\FocusInteractive\bar\Switches#msmsgs.exe
    HKLM\Software\FocusInteractive\bar\Switches#msnmsgr.exe
    HKLM\Software\FocusInteractive\bar\Switches#ypager.exe
    HKLM\Software\FocusInteractive\bar\Switches#au
    HKLM\Software\FocusInteractive\bar\Switches#mwsSrcAs.dll
    HKLM\Software\FocusInteractive\bar\Switches#ps
    HKLM\Software\FocusInteractive\bar\Switches#ok
    HKLM\Software\FocusInteractive\bar\Switches#od
    HKLM\Software\FocusInteractive\bar\Switches#nk
    HKLM\Software\FocusInteractive\bar\Switches#nd
    HKLM\Software\FocusInteractive\Email-IM
    HKLM\Software\FocusInteractive\Email-IM\0
    HKLM\Software\FocusInteractive\Email-IM\0#Toolbar
    HKLM\Software\FocusInteractive\Email-IM\0#AppName
    HKLM\Software\FocusInteractive\Outlook
    C:\Program Files\MyWebSearch\bar\History
    C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat
    C:\Program Files\MyWebSearch\bar\Settings
    C:\Program Files\MyWebSearch\bar
    C:\Program Files\MyWebSearch
    C:\Program Files\FunWebProducts\ScreenSaver\Images
    C:\Program Files\FunWebProducts\ScreenSaver
    C:\Program Files\FunWebProducts
    C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSIMG32.DLL
    C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSIMG32.DLL
    C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\RICHED20.DLL

    Adware.Tracking Cookie
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@ad.leadbolt[1].txt [ /ad.leadbolt ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@ad.yieldmanager[1].txt [ /ad.yieldmanager ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@adcentriconline[2].txt [ /adcentriconline ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@adserv.brandaffinity[1].txt [ /adserv.brandaffinity ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@adserver.valwa[2].txt [ /adserver.valwa ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@adtech[1].txt [ /adtech ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@adxpose[1].txt [ /adxpose ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@affiliate.admediatrack[2].txt [ /affiliate.admediatrack ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@atdmt[1].txt [ /atdmt ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@atdmt[2].txt [ /atdmt ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@c.gigcount[1].txt [ /c.gigcount ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@counters.gigya[1].txt [ /counters.gigya ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@dmtracker[1].txt [ /dmtracker ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@ehg-verizon.hitbox[2].txt [ /ehg-verizon.hitbox ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@hitbox[2].txt [ /hitbox ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@imrworldwide[2].txt [ /imrworldwide ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@mds.profcitymedia[2].txt [ /mds.profcitymedia ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@microsoftwllivemkt.112.2o7[1].txt [ /microsoftwllivemkt.112.2o7 ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@msnportal.112.2o7[1].txt [ /msnportal.112.2o7 ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@rev.remnantmedianetwork[2].txt [ /rev.remnantmedianetwork ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@serving-sys[2].txt [ /serving-sys ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\melody@virginmobileca.122.2o7[1].txt [ /virginmobileca.122.2o7 ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\APBCTMOK.txt [ /adinterax.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\UA8MDDH6.txt [ /yieldmanager.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\1LDZLNSO.txt [ /mediaplex.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\PSD8QIBM.txt [ /mm.chitika.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\QRE48192.txt [ /networldmedia.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\VM5J3WQD.txt [ /pointroll.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\UTLISMT4.txt [ /adcentriconline.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\ZS5D7JIV.txt [ /atdmt.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\IDILWIGB.txt [ /statcounter.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\AH8MOOUT.txt [ /mywebsearch.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\26Z20TZV.txt [ /liveperson.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\VP2Y69M0.txt [ /advanceinternet.122.2o7.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\DAPNB8RK.txt [ /questionmarket.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\D8IDTAE9.txt [ /atdmt.combing.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\J8BWQ4HA.txt [ /serving-sys.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\E3RL27FD.txt [ /searsca.122.2o7.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\ZI82XWKV.txt [ /vitamine.networldmedia.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\3YMN1IOG.txt [ /apmebf.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\50OS8750.txt [ /ar.atwola.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\PWGANVZM.txt [ /tribalfusion.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\KWR4VI2C.txt [ /collective-media.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\Y3FHRB49.txt [ /legolas-media.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\280ITQ66.txt [ /timeinc.122.2o7.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\MPD9STFC.txt [ /invitemedia.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\RDXP7WI2.txt [ /rbc.bridgetrack.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\BX9V1RWA.txt [ /nextag.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\QYR74N06.txt [ /adbrite.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\QV89VNP1.txt [ /content.yieldmanager.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\P6FSHJEO.txt [ /anrtx.tacoda.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\BJGHHHVZ.txt [ /media303.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\FVF72DOB.txt [ /revsci.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\UG6VWXMS.txt [ /stats.royalbank.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\A2WYTE1V.txt [ /ads.networldmedia.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\FCP1DGRM.txt [ /advertising.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\LPMRFCWJ.txt [ /247realmedia.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\SUZTFM2J.txt [ /interclick.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\CKR7Y55D.txt [ /ad.360yield.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\9PLWL4O1.txt [ /clickfuse.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\07KW2T5M.txt [ /casalemedia.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\DBAZJQEG.txt [ /tripod.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\3RB6PNG9.txt [ /sales.liveperson.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\K303K8ZD.txt [ /examinercom.122.2o7.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\21E8Q72A.txt [ /doubleclick.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\XCKTE64E.txt [ /media6degrees.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\537YRL0M.txt [ /fastclick.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\UZZOXLHP.txt [ /bs.serving-sys.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\Q1SK8L92.txt [ /cbsdigitalmedia.112.2o7.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\AC5JRJIW.txt [ /ad.yieldmanager.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\L1VZ7DSN.txt [ /ads.pointroll.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\NTU371S6.txt [ /tacoda.at.atwola.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\PX60H123.txt [ /ads.pubmatic.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\HY52OKR2.txt [ /accounts.google.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\8SPLF48F.txt [ /ru4.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\2MA9F3J3.txt [ /h.atdmt.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\W4YHJHV4.txt [ /clicksor.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\04C2PYKE.txt [ /content.yieldmanager.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\1D6T8C7J.txt [ /realmedia.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\A32SHACP.txt [ /adserver.adtechus.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\G1O11K51.txt [ /ad.wsod.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\5AT5C6ZL.txt [ /specificclick.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\M8U7R6CL.txt [ /www.googleadservices.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\86GBYWJA.txt [ /traveladvertising.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\GB04HJEX.txt [ /www.daleyscountrywide.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\RYSXX0MF.txt [ /cz7.clickzs.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\Y4E40B7H.txt [ /ads.oregonlive.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\EA0WSTGU.txt [ /ads.saymedia.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\MBOQOSLT.txt [ /adlegend.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\923E7CAN.txt [ /2o7.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\KZ0SROS7.txt [ /amazon-adsystem.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\GPAH7N4Q.txt [ /rotator.adjuggler.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\IECDWJCN.txt [ /paypal.112.2o7.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\QRHR63WL.txt [ /nautilus.122.2o7.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\MRSIABJ3.txt [ /kontera.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\YO974C9P.txt [ /zedo.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\9OSAWKAC.txt [ /liveperson.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\30VS6O1G.txt [ /clickply.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\92M1UFFP.txt [ /adfarm1.adition.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\Q8N0HA0Y.txt [ /avgtechnologies.112.2o7.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\2GCYR7T6.txt [ /daleyscountrywide.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\2HXDI6UF.txt [ /steelhousemedia.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\FHQVVQF4.txt [ /citi.bridgetrack.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\B2OHW6ZY.txt [ /ads.gamersmedia.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\BX12U2ZO.txt [ /discountcar.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\9227FG8E.txt [ /intermundomedia.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\UTA278KB.txt [ /dc.tremormedia.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\MLBX9Z62.txt [ /azjmp.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\7SHGKXXQ.txt [ /a1.interclick.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\10898WZ7.txt [ /data.coremetrics.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\FND5SJLA.txt [ /msnbc.112.2o7.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\QYI2QLC5.txt [ /ads.eqads.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\X68JIV7F.txt [ /pro-market.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\1MNQBKIR.txt [ /optimize.indieclick.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\ZWUMM6QO.txt [ /ads.ad4game.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\QZO9J2QZ.txt [ /burstnet.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\M3G6QRJJ.txt [ /at.atwola.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\FDP065W1.txt [ /in.getclicky.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\EP0MYZ3M.txt [ /srv1.okramedia.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\1LQZRRXQ.txt [ /insightexpressai.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\E1FPNCVS.txt [ /liveperson.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\LNSI80J2.txt [ /f.blogads.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\5QG9V00G.txt [ /lfstmedia.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\0EO5850N.txt [ /myroitracking.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\O5BU7NVN.txt [ /xiti.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\YKFI2ZX2.txt [ /host-d.oddcast.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\1KDAU5WB.txt [ /eas.apm.emediate.eu ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\N51TLSW5.txt [ /hearstmagazines.112.2o7.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\J2F7XUZX.txt [ /trafficmp.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\9OYR4L9N.txt [ /indieclick.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\4999S6W8.txt [ /warnerbros.112.2o7.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\XF8ORL05.txt [ /shawtelevision.112.2o7.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\AD51E9ZE.txt [ /torstardigital.122.2o7.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\4ZJIYLUR.txt [ /statse.webtrendslive.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\YHN9K7O7.txt [ /kantarmedia.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\0DJGK9WJ.txt [ /clickbooth.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\GKCQT9U2.txt [ /a.intentmedia.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\FJAG0UPY.txt [ /www.discountcar.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\J8OQT5Z3.txt [ /ad2.adfarm1.adition.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\SSUOPBVH.txt [ /ad.mlnadvertising.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\SZXKK6PM.txt [ /cottagecountry.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\RDJ3D23K.txt [ /telus.122.2o7.net ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\60MS8WAE.txt [ /c1.atdmt.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\L45LOZ23.txt [ /c.atdmt.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\7J5MF79E.txt [ /ads.ookla.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\3EOWBYOE.txt [ /px.steelhousemedia.com ]
    C:\Users\Melody\AppData\Roaming\Microsoft\Windows\Cookies\60GQBM73.txt [ /server.iad.liveperson.net ]
    C:\USERS\MELODY\AppData\Roaming\Microsoft\Windows\Cookies\GCVNI7TC.txt [ Cookie:melody@www.google.com/accounts ]
    C:\USERS\MELODY\AppData\Roaming\Microsoft\Windows\Cookies\K2162F7R.txt [ Cookie:melody@www.fox16.com/news/story/Update-White-County-murder-suspect-arrested/ ]
    C:\USERS\MELODY\AppData\Roaming\Microsoft\Windows\Cookies\MRFZY1MU.txt [ Cookie:melody@adsonar.com/adserving ]
    C:\USERS\MELODY\AppData\Roaming\Microsoft\Windows\Cookies\ZNQ0OPK7.txt [ Cookie:melody@google.com/accounts/ ]
    C:\USERS\MELODY\AppData\Roaming\Microsoft\Windows\Cookies\Low\melody@stats.royalbank[2].txt [ Cookie:melody@stats.royalbank.com/ ]
    C:\USERS\MELODY\AppData\Roaming\Microsoft\Windows\Cookies\Low\melody@google[5].txt [ Cookie:melody@google.com/accounts/ ]
    C:\USERS\MELODY\AppData\Roaming\Microsoft\Windows\Cookies\Low\melody@www.google[10].txt [ Cookie:melody@www.google.com/accounts ]
    C:\USERS\MELODY\Cookies\melody@rev.remnantmedianetwork[2].txt [ Cookie:melody@rev.remnantmedianetwork.com/ ]
    C:\USERS\MELODY\Cookies\APBCTMOK.txt [ Cookie:melody@adinterax.com/ ]
    C:\USERS\MELODY\Cookies\UA8MDDH6.txt [ Cookie:melody@yieldmanager.net/ ]
    C:\USERS\MELODY\Cookies\1LDZLNSO.txt [ Cookie:melody@mediaplex.com/ ]
    C:\USERS\MELODY\Cookies\melody@c.gigcount[1].txt [ Cookie:melody@c.gigcount.com/ ]
    C:\USERS\MELODY\Cookies\PSD8QIBM.txt [ Cookie:melody@mm.chitika.net/ ]
    C:\USERS\MELODY\Cookies\QRE48192.txt [ Cookie:melody@networldmedia.net/ ]
    C:\USERS\MELODY\Cookies\VM5J3WQD.txt [ Cookie:melody@pointroll.com/ ]
    C:\USERS\MELODY\Cookies\ZS5D7JIV.txt [ Cookie:melody@atdmt.com/ ]
    C:\USERS\MELODY\Cookies\melody@imrworldwide[2].txt [ Cookie:melody@imrworldwide.com/cgi-bin ]
    C:\USERS\MELODY\Cookies\IDILWIGB.txt [ Cookie:melody@statcounter.com/ ]
    C:\USERS\MELODY\Cookies\AH8MOOUT.txt [ Cookie:melody@mywebsearch.com/ ]
    C:\USERS\MELODY\Cookies\VP2Y69M0.txt [ Cookie:melody@advanceinternet.122.2o7.net/ ]
    C:\USERS\MELODY\Cookies\DAPNB8RK.txt [ Cookie:melody@questionmarket.com/ ]
    C:\USERS\MELODY\Cookies\D8IDTAE9.txt [ Cookie:melody@atdmt.combing.com/ ]
    C:\USERS\MELODY\Cookies\E3RL27FD.txt [ Cookie:melody@searsca.122.2o7.net/ ]
    C:\USERS\MELODY\Cookies\ZI82XWKV.txt [ Cookie:melody@vitamine.networldmedia.net/ ]
    C:\USERS\MELODY\Cookies\3YMN1IOG.txt [ Cookie:melody@apmebf.com/ ]
    C:\USERS\MELODY\Cookies\50OS8750.txt [ Cookie:melody@ar.atwola.com/ ]
    C:\USERS\MELODY\Cookies\Y3FHRB49.txt [ Cookie:melody@legolas-media.com/ ]
    C:\USERS\MELODY\Cookies\melody@adxpose[1].txt [ Cookie:melody@adxpose.com/ ]
    C:\USERS\MELODY\Cookies\GCVNI7TC.txt [ Cookie:melody@www.google.com/accounts ]
    C:\USERS\MELODY\Cookies\melody@atdmt[2].txt [ Cookie:melody@atdmt.com/ ]
    C:\USERS\MELODY\Cookies\MPD9STFC.txt [ Cookie:melody@invitemedia.com/ ]
    C:\USERS\MELODY\Cookies\RDXP7WI2.txt [ Cookie:melody@rbc.bridgetrack.com/ ]
    C:\USERS\MELODY\Cookies\BX9V1RWA.txt [ Cookie:melody@nextag.com/ ]
    C:\USERS\MELODY\Cookies\QYR74N06.txt [ Cookie:melody@adbrite.com/ ]
    C:\USERS\MELODY\Cookies\QV89VNP1.txt [ Cookie:melody@content.yieldmanager.com/ ]
    C:\USERS\MELODY\Cookies\P6FSHJEO.txt [ Cookie:melody@anrtx.tacoda.net/ ]
    C:\USERS\MELODY\Cookies\K2162F7R.txt [ Cookie:melody@www.fox16.com/news/story/Update-White-County-murder-suspect-arrested/ ]
    C:\USERS\MELODY\Cookies\BJGHHHVZ.txt [ Cookie:melody@media303.com/ ]
    C:\USERS\MELODY\Cookies\FVF72DOB.txt [ Cookie:melody@revsci.net/ ]
    C:\USERS\MELODY\Cookies\UG6VWXMS.txt [ Cookie:melody@stats.royalbank.com/ ]
    C:\USERS\MELODY\Cookies\FCP1DGRM.txt [ Cookie:melody@advertising.com/ ]
    C:\USERS\MELODY\Cookies\melody@adserv.brandaffinity[1].txt [ Cookie:melody@adserv.brandaffinity.net/ ]
    C:\USERS\MELODY\Cookies\07KW2T5M.txt [ Cookie:melody@casalemedia.com/ ]
    C:\USERS\MELODY\Cookies\3RB6PNG9.txt [ Cookie:melody@sales.liveperson.net/ ]
    C:\USERS\MELODY\Cookies\K303K8ZD.txt [ Cookie:melody@examinercom.122.2o7.net/ ]
    C:\USERS\MELODY\Cookies\XCKTE64E.txt [ Cookie:melody@media6degrees.com/ ]
    C:\USERS\MELODY\Cookies\melody@adserver.valwa[2].txt [ Cookie:melody@adserver.valwa.com/ ]
    C:\USERS\MELODY\Cookies\UZZOXLHP.txt [ Cookie:melody@bs.serving-sys.com/ ]
    C:\USERS\MELODY\Cookies\melody@affiliate.admediatrack[2].txt [ Cookie:melody@affiliate.admediatrack.com/ ]
    C:\USERS\MELODY\Cookies\Q1SK8L92.txt [ Cookie:melody@cbsdigitalmedia.112.2o7.net/ ]
    C:\USERS\MELODY\Cookies\L1VZ7DSN.txt [ Cookie:melody@ads.pointroll.com/ ]
    C:\USERS\MELODY\Cookies\MRFZY1MU.txt [ Cookie:melody@adsonar.com/adserving ]
    C:\USERS\MELODY\Cookies\melody@adtech[1].txt [ Cookie:melody@adtech.de/ ]
    C:\USERS\MELODY\Cookies\HY52OKR2.txt [ Cookie:melody@accounts.google.com/ ]
    C:\USERS\MELODY\Cookies\8SPLF48F.txt [ Cookie:melody@ru4.com/ ]
    C:\USERS\MELODY\Cookies\2MA9F3J3.txt [ Cookie:melody@h.atdmt.com/ ]
    C:\USERS\MELODY\Cookies\melody@dmtracker[1].txt [ Cookie:melody@dmtracker.com/ ]
    C:\USERS\MELODY\Cookies\W4YHJHV4.txt [ Cookie:melody@clicksor.com/ ]
    C:\USERS\MELODY\Cookies\melody@microsoftwllivemkt.112.2o7[1].txt [ Cookie:melody@microsoftwllivemkt.112.2o7.net/ ]
    C:\USERS\MELODY\Cookies\04C2PYKE.txt [ Cookie:melody@content.yieldmanager.com/ak/ ]
    C:\USERS\MELODY\Cookies\1D6T8C7J.txt [ Cookie:melody@realmedia.com/ ]
    C:\USERS\MELODY\Cookies\M8U7R6CL.txt [ Cookie:melody@www.googleadservices.com/pagead/conversion/1037274558/ ]
    C:\USERS\MELODY\Cookies\GB04HJEX.txt [ Cookie:melody@www.daleyscountrywide.com/ ]
    C:\USERS\MELODY\Cookies\RYSXX0MF.txt [ Cookie:melody@cz7.clickzs.com/ ]
    C:\USERS\MELODY\Cookies\EA0WSTGU.txt [ Cookie:melody@ads.saymedia.com/ ]
    C:\USERS\MELODY\Cookies\923E7CAN.txt [ Cookie:melody@2o7.net/ ]
    C:\USERS\MELODY\Cookies\KZ0SROS7.txt [ Cookie:melody@amazon-adsystem.com/ ]
    C:\USERS\MELODY\Cookies\GPAH7N4Q.txt [ Cookie:melody@rotator.adjuggler.com/ ]
    C:\USERS\MELODY\Cookies\IECDWJCN.txt [ Cookie:melody@paypal.112.2o7.net/ ]
    C:\USERS\MELODY\Cookies\MRSIABJ3.txt [ Cookie:melody@kontera.com/ ]
    C:\USERS\MELODY\Cookies\9OSAWKAC.txt [ Cookie:melody@liveperson.net/hc/17490713 ]
    C:\USERS\MELODY\Cookies\92M1UFFP.txt [ Cookie:melody@adfarm1.adition.com/ ]
    C:\USERS\MELODY\Cookies\Q8N0HA0Y.txt [ Cookie:melody@avgtechnologies.112.2o7.net/ ]
    C:\USERS\MELODY\Cookies\2GCYR7T6.txt [ Cookie:melody@daleyscountrywide.com/ ]
    C:\USERS\MELODY\Cookies\2HXDI6UF.txt [ Cookie:melody@steelhousemedia.com/ ]
    C:\USERS\MELODY\Cookies\FHQVVQF4.txt [ Cookie:melody@citi.bridgetrack.com/ ]
    C:\USERS\MELODY\Cookies\B2OHW6ZY.txt [ Cookie:melody@ads.gamersmedia.com/ ]
    C:\USERS\MELODY\Cookies\BX12U2ZO.txt [ Cookie:melody@discountcar.com/ ]
    C:\USERS\MELODY\Cookies\9227FG8E.txt [ Cookie:melody@intermundomedia.com/ ]
    C:\USERS\MELODY\Cookies\UTA278KB.txt [ Cookie:melody@dc.tremormedia.com/ ]
    C:\USERS\MELODY\Cookies\MLBX9Z62.txt [ Cookie:melody@azjmp.com/ ]
    C:\USERS\MELODY\Cookies\10898WZ7.txt [ Cookie:melody@data.coremetrics.com/ ]
    C:\USERS\MELODY\Cookies\ZNQ0OPK7.txt [ Cookie:melody@google.com/accounts/ ]
    C:\USERS\MELODY\Cookies\1MNQBKIR.txt [ Cookie:melody@optimize.indieclick.com/ ]
    C:\USERS\MELODY\Cookies\M3G6QRJJ.txt [ Cookie:melody@at.atwola.com/ ]
    C:\USERS\MELODY\Cookies\FDP065W1.txt [ Cookie:melody@in.getclicky.com/ ]
    C:\USERS\MELODY\Cookies\EP0MYZ3M.txt [ Cookie:melody@srv1.okramedia.com/ ]
    C:\USERS\MELODY\Cookies\LNSI80J2.txt [ Cookie:melody@f.blogads.com/ ]
    C:\USERS\MELODY\Cookies\5QG9V00G.txt [ Cookie:melody@lfstmedia.com/ ]
    C:\USERS\MELODY\Cookies\O5BU7NVN.txt [ Cookie:melody@xiti.com/ ]
    C:\USERS\MELODY\Cookies\1KDAU5WB.txt [ Cookie:melody@eas.apm.emediate.eu/ ]
    C:\USERS\MELODY\Cookies\N51TLSW5.txt [ Cookie:melody@hearstmagazines.112.2o7.net/ ]
    C:\USERS\MELODY\Cookies\J2F7XUZX.txt [ Cookie:melody@trafficmp.com/ ]
    C:\USERS\MELODY\Cookies\9OYR4L9N.txt [ Cookie:melody@indieclick.com/ ]
    C:\USERS\MELODY\Cookies\AD51E9ZE.txt [ Cookie:melody@torstardigital.122.2o7.net/ ]
    C:\USERS\MELODY\Cookies\0DJGK9WJ.txt [ Cookie:melody@clickbooth.com/ ]
    C:\USERS\MELODY\Cookies\FJAG0UPY.txt [ Cookie:melody@www.discountcar.com/ ]
    C:\USERS\MELODY\Cookies\J8OQT5Z3.txt [ Cookie:melody@ad2.adfarm1.adition.com/ ]
    C:\USERS\MELODY\Cookies\SSUOPBVH.txt [ Cookie:melody@ad.mlnadvertising.com/ ]
    C:\USERS\MELODY\Cookies\SZXKK6PM.txt [ Cookie:melody@cottagecountry.net/ ]
    C:\USERS\MELODY\Cookies\RDJ3D23K.txt [ Cookie:melody@telus.122.2o7.net/ ]
    C:\USERS\MELODY\Cookies\L45LOZ23.txt [ Cookie:melody@c.atdmt.com/ ]
    C:\USERS\MELODY\Cookies\60GQBM73.txt [ Cookie:melody@server.iad.liveperson.net/ ]
    .advertising.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .legolas-media.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adxpose.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adbrite.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .pro-market.net [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .imrworldwide.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .imrworldwide.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .lfstmedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .apmebf.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediaplex.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .zedo.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .insightexpressai.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .insightexpressai.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .insightexpressai.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .insightexpressai.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .insightexpressai.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .insightexpressai.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .insightexpressai.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ad.mlnadvertising.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .yieldmanager.net [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nextag.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .bravenet.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .pointroll.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .c.atdmt.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .c.atdmt.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .apmebf.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    stats.adotube.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adbrite.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adbrite.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adbrite.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adbrite.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .doubleclick.net [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .zedo.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .zedo.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .lucidmedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atwola.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tacoda.at.atwola.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atwola.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ar.atwola.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .legolas-media.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .legolas-media.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atwola.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .at.atwola.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tacoda.at.atwola.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tacoda.at.atwola.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tacoda.at.atwola.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .at.atwola.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .realmedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .realmedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .pointroll.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .realmedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    network.realmedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .fastclick.net [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .questionmarket.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .questionmarket.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .nextag.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ru4.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adbrite.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .pro-market.net [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .legolas-media.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediaplex.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .lfstmedia.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .doubleclick.net [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .accounts.google.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .accounts.google.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\MELODY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    a.ads2.msads.net [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    ads2.msads.net [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    bannerfarm.ace.advertising.com [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    broadcast.piximedia.fr [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    cdn4.specificclick.net [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    cloud.video.unrulymedia.com [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    content.oddcast.com [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    googleads.g.doubleclick.net [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    ia.media-imdb.com [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    interclick.com [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    media.dreamhost.com [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    media.mtvnservices.com [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    media.podaddies.com [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    media.scanscout.com [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    media.tattomedia.com [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    media.thewb.com [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    media1.break.com [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    msnbcmedia.msn.com [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    msntest.serving-sys.com [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    objects.tremormedia.com [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    s0.2mdn.net [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    secure-us.imrworldwide.com [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    serving-sys.com [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    spe.atdmt.com [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    udn.specificclick.net [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]
    vitamine.networldmedia.net [ C:\USERS\MELODY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\JDXRF3GR ]


    Malwarebytes Anti-Malware (Trial) 1.70.0.1100
    Malwarebytes : Free anti-malware download

    Database version: v2013.02.05.11

    Windows Vista Service Pack 2 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Melody :: MELODY-PC [administrator]

    Protection: Enabled

    05/02/2013 6:37:47 PM
    MBAM-log-2013-02-05 (21-16-09)Jadyn.txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 221493
    Time elapsed: 31 minute(s), 42 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 1
    C:\Program Files\Windows Live\Messenger\msimg32.dll (PUP.FunWebProducts) -> No action taken.

    Registry Keys Detected: 24
    HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> No action taken.
    HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (PUP.MyWebSearch) -> No action taken.
    HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> No action taken.
    HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> No action taken.
    HKCU\Software\AppDataLow\Software\MyWebSearch (PUP.MyWebsearch) -> No action taken.
    HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> No action taken.

    Registry Values Detected: 1
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|DealAssistant (Trojan.Agent) -> Data: C:\Users\Melody\AppData\Roaming\DealAssistant\dealassistant.exe -> No action taken.

    Registry Data Items Detected: 2
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Bad: (http://www.mirarsearch.com/?useie5=1&q=) Good: (Google) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Bad: (http://www.mirarsearch.com/?useie5=1&q=) Good: (Google) -> No action taken.

    Folders Detected: 1
    C:\Users\Melody\AppData\Roaming\DealAssistant (Trojan.Agent) -> No action taken.

    Files Detected: 2
    C:\Program Files\Windows Live\Messenger\msimg32.dll (PUP.FunWebProducts) -> No action taken.
    C:\Users\Melody\AppData\Roaming\DealAssistant\config.cfg (Trojan.Agent) -> No action taken.

    (end)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:46:30 PM, on 05/02/2013
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Normal

    Running processes:
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\ltmoh\ltmoh.exe
    C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
    C:\Windows\System32\ICO.EXE
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\AVG\AVG2013\avgui.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
    C:\Users\Melody\AppData\Local\Smartbar\Application\QuickShare.exe
    C:\Program Files\WiFiConnector\NintendoWFCReg.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=CA&userid=25b81bf3-f0b2-4f21-a8e9-486386f3c9a4&searchtype=ds&q={searchTerms}&installDate=01/01/1970
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=CA&userid=25b81bf3-f0b2-4f21-a8e9-486386f3c9a4&searchtype=ds&q={searchTerms}&installDate=01/01/1970
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.shoptoshiba.ca/welcome
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.shoptoshiba.ca/welcome
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=CA&userid=25b81bf3-f0b2-4f21-a8e9-486386f3c9a4&searchtype=ds&q={searchTerms}&installDate=01/01/1970
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=CA&userid=25b81bf3-f0b2-4f21-a8e9-486386f3c9a4&searchtype=ds&q={searchTerms}&installDate=01/01/1970
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (file missing)
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll (file missing)
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll (file missing)
    O3 - Toolbar: QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
    O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
    O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files\Jumpstart\jswtrayutil.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Melody\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
    O4 - HKCU\..\Run: [Browser Infrastructure Helper] C:\Users\Melody\AppData\Local\Smartbar\Application\QuickShare.exe startup
    O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_56F414BD211ED8A2E3D82E3E8FAC8E1A] "C:\Users\Melody\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Global Startup: Run Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Melody\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
    O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O13 - Gopher Prefix:
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...oUploader5.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...Uploader55.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll (file missing)
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe (file missing)
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: Google Update Service (gupdate1c9a1a2fb5ba039) (gupdate1c9a1a2fb5ba039) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
    O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 14214 bytes

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    5,956
    Points
    1067

    Default

    Hi,

    No need to attach files anyway. Better that you copy an paste them.

    Your Malwarebytes shows "No Action taken"Let Malwarebytes remove everything it finds:
    Make sure that everything is checked, and click Remove Selected.

    Next

    We need to see some information about what is happening in your machine. Please perform the following scan:
    • Download DDS by sUBs from one of the following links. Save it to your desktop.
    • Double click on the DDS icon, allow it to run.
    • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
    • Notepad will open with the results.
    • Follow the instructions that pop up for posting the results.
    • Close the program window, and delete the program from your desktop.
    Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

    There are 2 logs created post them both please...

    Information on A/V control HERE
    Last edited by zep516; 02-05-2013 at 10:36 PM.




    Optimism is the faith that leads to achievement. Nothing can be done without hope and confidence.

  3. #3
    Member Jadyn's Avatar
    Join Date
    Apr 2004
    Posts
    89
    Points
    2

    Default

    Zep, Alright I've done what you've asked. I'm not sure why the Malware said no action was taken because I had done what was asked and removed all the threats. Kinda weird but I redid it and it showed no threats.


    Malwarebytes Anti-Malware (Trial) 1.70.0.1100
    Malwarebytes : Free anti-malware download

    Database version: v2013.02.05.11

    Windows Vista Service Pack 2 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Melody :: MELODY-PC [administrator]

    Protection: Enabled

    05/02/2013 11:42:32 PM
    mbam-log-2013-02-05 (23-42-32).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 221930
    Time elapsed: 23 minute(s), 21 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)


    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16457
    Run by Melody at 0:32:31 on 2013-02-06
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.2941.1367 [GMT -5:00]
    .
    AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\system32\WLANExt.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
    C:\Windows\system32\agrsmsvc.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
    C:\Windows\system32\TODDSrv.exe
    C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\ltmoh\ltmoh.exe
    C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
    C:\Windows\System32\ICO.EXE
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\AVG\AVG2013\avgui.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
    C:\Users\Melody\AppData\Local\Smartbar\Application\QuickShare.exe
    C:\Program Files\WiFiConnector\NintendoWFCReg.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Java\Java Update\jucheck.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=CA&userid=25b81bf3-f0b2-4f21-a8e9-486386f3c9a4&searchtype=hp&installDate=01/01/1970
    uSearch Bar = hxxp://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=CA&userid=25b81bf3-f0b2-4f21-a8e9-486386f3c9a4&searchtype=ds&q={searchTerms}&installDate=01/01/1970
    uSearch Page = hxxp://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=CA&userid=25b81bf3-f0b2-4f21-a8e9-486386f3c9a4&searchtype=ds&q={searchTerms}&installDate=01/01/1970
    mStart Page = hxxp://www.shoptoshiba.ca/welcome
    mSearch Bar = hxxp://www.google.com
    mDefault_Page_URL = hxxp://www.shoptoshiba.ca/welcome
    uSearchAssistant = hxxp://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=CA&userid=25b81bf3-f0b2-4f21-a8e9-486386f3c9a4&searchtype=ds&q={searchTerms}&installDate=01/01/1970
    dURLSearchHooks: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} -
    BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
    BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} -
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Google Gears Helper: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
    TB: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -
    TB: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -
    TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe
    uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
    uRun: [ares] "c:\program files\ares\Ares.exe" -h
    uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
    uRun: [Google Update] "c:\users\melody\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
    uRun: [Browser Infrastructure Helper] c:\users\melody\appdata\local\smartbar\application\QuickShare.exe startup
    uRun: [GoogleChromeAutoLaunch_56F414BD211ED8A2E3D82E3E8FAC8E1A] "c:\users\melody\appdata\local\google\chrome\application\chrome.exe" --no-startup-window
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
    mRun: [NDSTray.exe] NDSTray.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
    mRun: [StartCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe
    mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
    mRun: [SmoothView] c:\program files\toshiba\smoothview\SmoothView.exe
    mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
    mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start
    mRun: [jswtrayutil] "c:\program files\jumpstart\jswtrayutil.exe"
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [Mouse Suite 98 Daemon] ICO.EXE
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
    mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\runreg~1.lnk - c:\program files\wificonnector\NintendoWFCReg.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: Free YouTube to MP3 Converter - c:\users\melody\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
    IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: NameServer = 192.168.0.1
    TCP: Interfaces\{178EEBBF-CFD4-4F18-94F2-E2D18F2CB8CB} : DHCPNameServer = 64.71.255.198
    TCP: Interfaces\{60C53B5D-891D-4830-AD30-CD92138DA1C8} : DHCPNameServer = 192.168.0.1
    Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 55776]
    R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]
    R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-10-5 93536]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 35552]
    R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 179936]
    R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 19936]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 159712]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 164832]
    R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\drivers\jswpslwf.sys [2008-11-25 20352]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
    R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;c:\program files\adobe\elements 11 organizer\PhotoshopElementsFileAgent.exe [2012-9-23 171600]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]
    R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2007-12-25 40960]
    R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
    R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-2-5 398184]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-2-5 682344]
    R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]
    R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-2-11 7168]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-2-5 21104]
    S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-6 5814392]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate1c9a1a2fb5ba039;Google Update Service (gupdate1c9a1a2fb5ba039);c:\program files\google\update\GoogleUpdate.exe [2009-3-10 133104]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-3 160944]
    S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\toolbarbroker.exe --> c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [?]
    S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\jumpstart\jswpsapi.exe [2008-11-25 937984]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2013-02-06 02:51:20 -------- d-----w- c:\program files\Trend Micro
    2013-02-05 23:34:37 -------- d-----w- c:\users\melody\appdata\roaming\Malwarebytes
    2013-02-05 23:34:19 -------- d-----w- c:\programdata\Malwarebytes
    2013-02-05 23:34:18 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
    2013-02-05 23:34:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2013-02-05 23:23:56 -------- d-----w- c:\users\melody\appdata\local\{1A26A758-387A-4DAC-B43F-52D26344C677}
    2013-02-05 20:32:42 -------- d-----w- c:\users\melody\appdata\roaming\SUPERAntiSpyware.com
    2013-02-05 20:32:24 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2013-02-05 20:32:24 -------- d-----w- c:\program files\SUPERAntiSpyware
    2013-02-05 19:41:41 -------- d-----w- c:\program files\SecondLifeViewer
    2013-02-05 18:11:55 -------- d-----w- c:\users\melody\appdata\local\{B8009994-4A8B-4DCC-A6F6-3796001C1A76}
    2013-02-05 00:14:54 -------- d-----w- c:\users\melody\appdata\local\{AE1F5151-63F6-43BA-B315-6B7EB6329C86}
    2013-02-02 01:27:00 -------- d-----w- c:\users\melody\appdata\local\{18317131-DC5D-40E8-BE41-6BAC689A3095}
    2013-02-01 16:36:31 -------- d-----w- c:\users\melody\appdata\local\{AF6AA0AC-2B0C-4A10-90D9-FD9C1C631FE2}
    2013-01-28 22:48:38 -------- d-----w- c:\users\melody\appdata\local\{9F1639A1-68A0-4176-A491-47B4416835BF}
    2013-01-09 00:09:17 -------- d-----w- c:\users\melody\appdata\local\{D7B5DE18-ADDB-488C-96DF-A1639367A8CA}
    .
    ==================== Find3M ====================
    .
    2013-01-09 01:14:01 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-01-09 01:14:01 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-12-16 13:12:54 34304 ----a-w- c:\windows\system32\atmlib.dll
    2012-12-16 10:50:29 293376 ----a-w- c:\windows\system32\atmfd.dll
    2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
    2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
    2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
    2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2012-11-13 01:36:35 2048000 ----a-w- c:\windows\system32\win32k.sys
    2012-11-13 01:29:51 2048 ----a-w- c:\windows\system32\tzres.dll
    .
    ============= FINISH: 0:33:13.24 ===============



    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 26/11/2008 12:03:00 PM
    System Uptime: 05/02/2013 9:27:57 PM (3 hours ago)
    .
    Motherboard: TOSHIBA | |
    Processor: AMD Athlon(tm) 64 X2 Dual-Core Processor TK-57 | Socket M2/S1G1 | 800/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 220 GiB total, 131.792 GiB free.
    D: is FIXED (NTFS) - 6 GiB total, 5.914 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP1166: 14/12/2012 10:06:02 AM - Windows Update
    RP1168: 14/12/2012 3:50:29 PM - Installed Router
    RP1169: 15/12/2012 12:44:58 PM - Scheduled Checkpoint
    RP1170: 15/12/2012 4:06:08 PM - Installed AVG 2013
    RP1171: 15/12/2012 4:07:27 PM - Installed AVG 2013
    RP1172: 16/12/2012 6:54:09 PM - Scheduled Checkpoint
    RP1173: 17/12/2012 10:25:22 AM - Windows Update
    RP1174: 18/12/2012 3:20:21 PM - Scheduled Checkpoint
    RP1175: 19/12/2012 4:04:58 PM - Scheduled Checkpoint
    RP1176: 21/12/2012 8:02:50 PM - Scheduled Checkpoint
    RP1177: 22/12/2012 10:24:45 AM - Windows Update
    RP1178: 01/02/2013 11:21:30 AM - Windows Update
    RP1179: 05/02/2013 8:18:08 PM - Scheduled Checkpoint
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    2007 Microsoft Office system
    Activation Assistant for the 2007 Microsoft Office suites
    Adobe AIR
    Adobe Download Assistant
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Photoshop Elements 11
    Adobe Reader 8.1.4
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ArcSoft MediaImpression
    Atheros Driver Installation Program
    Atheros Wi-Fi Protected Setup Library
    ATI Catalyst Install Manager
    AVG 2013
    Bonjour
    Business Contact Manager for Outlook 2007 SP2
    Camera Assistant Software for Toshiba
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Vista
    Catalyst Control Center Localization Chinese Standard
    Catalyst Control Center Localization Chinese Traditional
    Catalyst Control Center Localization Czech
    Catalyst Control Center Localization Danish
    Catalyst Control Center Localization Dutch
    Catalyst Control Center Localization Finnish
    Catalyst Control Center Localization French
    Catalyst Control Center Localization German
    Catalyst Control Center Localization Greek
    Catalyst Control Center Localization Hungarian
    Catalyst Control Center Localization Italian
    Catalyst Control Center Localization Japanese
    Catalyst Control Center Localization Korean
    Catalyst Control Center Localization Norwegian
    Catalyst Control Center Localization Polish
    Catalyst Control Center Localization Portuguese
    Catalyst Control Center Localization Russian
    Catalyst Control Center Localization Spanish
    Catalyst Control Center Localization Swedish
    Catalyst Control Center Localization Thai
    Catalyst Control Center Localization Turkish
    ccc-core-static
    ccc-utility
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    CD/DVD Drive Acoustic Silencer
    D3DX10
    DVD MovieFactory for TOSHIBA
    Elements 11 Organizer
    Free YouTube to MP3 Converter version 3.11.37.1212
    GearDrvs
    Google Chrome
    Google Gears
    Google Update Helper
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Imprudence Viewer 1.4.0 Experimental 2011.04.02
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 29
    Java(TM) 6 Update 3
    Java(TM) 6 Update 7
    Junk Mail filter update
    Malwarebytes Anti-Malware version 1.70.0.1100
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Office 2003 Web Components
    Microsoft Office 2007 Primary Interop Assemblies
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Outlook Connector
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Professional Hybrid 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Small Business Connectivity Components
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft SQL Server 2005
    Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
    Microsoft SQL Server Native Client
    Microsoft SQL Server Setup Support Files (English)
    Microsoft SQL Server VSS Writer
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft XML Parser
    Mouse Suite
    MSVCRT
    MSXML 4.0 SP2 (KB941833)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    My Photo Calendars and Cards
    Nintendo Wi-Fi USB Connector Registration Tool
    Norton 360
    OnlinePlay 1.0
    OpenOffice.org 3.2
    Phoenix Viewer 1.5.2.1185
    PokerStars
    PSE11 STI Installer
    QuickShare
    QuickTime
    Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
    Realtek High Definition Audio Driver
    Realtek USB 2.0 Card Reader
    RSH Home Networking Wizard
    SecondLife (remove only)
    SecondLifeViewer2 (remove only)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
    Security Update for Windows Media Encoder (KB2447961)
    Security Update for Windows Media Encoder (KB954156)
    Security Update for Windows Media Encoder (KB979332)
    Segoe UI
    SHG Installation
    Side By Side Fix
    Skins
    Skype Click to Call
    Skype™ 5.10
    Spelling Dictionaries Support For Adobe Reader 8
    SUPERAntiSpyware
    Synaptics Pointing Device Driver
    TOSHIBA Assist
    TOSHIBA ConfigFree
    TOSHIBA Disc Creator
    TOSHIBA DVD PLAYER
    TOSHIBA Extended Tiles for Windows Mobility Center
    TOSHIBA Face Recognition
    TOSHIBA Hardware Setup
    TOSHIBA Recovery Disc Creator
    Toshiba Registration
    TOSHIBA Software Modem
    TOSHIBA Speech System Applications
    TOSHIBA Speech System SR Engine(U.S.) Version1.0
    TOSHIBA Speech System TTS Engine(U.S.) Version1.0
    TOSHIBA Supervisor Password
    TOSHIBA Value Added Package
    Uninstall 1.0.0.1
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Mail
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Photo Common
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Windows Media Encoder 9 Series
    World Gaming Center Version 2.1.2 + Emoticons + WGC Friends PBR
    Yahoo! Messenger
    .
    ==== End Of File ===========================

  4. #4
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    5,956
    Points
    1067

    Default

    Hi,

    Download AdwCleaner
    • Double click on AdwCleaner.exe to run the tool.
      ***Note: Windows Vista and Windows 7 users:
      Right click in the adwCleaner.exe and select
    • Click the Search button.
    • A logfile will automatically open after the scan has finished.
    • Please post the content of that logfile in your next reply.
    • Or you can find the logfile at C:\AdwCleaner[R1].txt.


    Next

    Please download Junkware Removal Tool to your desktop.


    • shut down your protection software now to avoid potential conflicts.
    • run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
      the tool will open and start scanning your system
    • please be patient as this can take a while to complete depending on your system's specifications
    • on completion, a log (JRT.txt) is saved to your desktop and will automatically open
    • post the contents of JRT.txt into your next message.
    Last edited by zep516; 02-06-2013 at 12:47 AM.




    Optimism is the faith that leads to achievement. Nothing can be done without hope and confidence.

  5. #5
    Member Jadyn's Avatar
    Join Date
    Apr 2004
    Posts
    89
    Points
    2

    Default

    Here ya go Zep.

    # AdwCleaner v2.111 - Logfile created 02/06/2013 at 01:00:37
    # Updated 05/02/2013 by Xplode
    # Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
    # User : Melody - MELODY-PC
    # Boot Mode : Normal
    # Running from : C:\Users\Melody\Downloads\adwcleaner.exe
    # Option [Search]


    ***** [Services] *****


    ***** [Files / Folders] *****

    Folder Found : C:\ProgramData\AVG Security Toolbar
    Folder Found : C:\Users\Melody\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
    Folder Found : C:\Users\Melody\AppData\Local\Smartbar
    Folder Found : C:\Users\Melody\AppData\Local\Temp\Smartbar
    Folder Found : C:\Users\Melody\AppData\LocalLow\FunWebProducts
    Folder Found : C:\Users\Melody\AppData\LocalLow\MyWebSearch
    Folder Found : C:\Users\Melody\AppData\LocalLow\Smartbar
    Folder Found : C:\Users\Melody\AppData\Roaming\OpenCandy

    ***** [Registry] *****

    Key Found : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
    Key Found : HKCU\Software\AppDataLow\Software\Fun Web Products
    Key Found : HKCU\Software\AppDataLow\Software\FunWebProducts
    Key Found : HKCU\Software\AVG Security Toolbar
    Key Found : HKCU\Software\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Found : HKCU\Software\SmartBar
    Key Found : HKCU\Software\SmartbarBackup
    Key Found : HKCU\Software\SmartbarLog
    Key Found : HKLM\Software\AVG Security Toolbar
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
    Key Found : HKLM\SOFTWARE\Software
    Key Found : HKU\S-1-5-21-2813728509-2743499342-3802432080-1003\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16457

    [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=CA&userid=25b81bf3-f0b2-4f21-a8e9-486386f3c9a4&searchtype=hp&installDate=01/01/1970
    [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=CA&userid=25b81bf3-f0b2-4f21-a8e9-486386f3c9a4&searchtype=ds&q={searchTerms}&installDate=01/01/1970
    [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=CA&userid=25b81bf3-f0b2-4f21-a8e9-486386f3c9a4&searchtype=ds&q={searchTerms}&installDate=01/01/1970
    [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=CA&userid=25b81bf3-f0b2-4f21-a8e9-486386f3c9a4&searchtype=ds&q={searchTerms}&installDate=01/01/1970
    [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=CA&userid=25b81bf3-f0b2-4f21-a8e9-486386f3c9a4&searchtype=ds&q={searchTerms}&installDate=01/01/1970

    -\\ Google Chrome v24.0.1312.57

    File : C:\Users\Melody\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [4745 octets] - [06/02/2013 01:00:37]

    ########## EOF - C:\AdwCleaner[R1].txt - [4805 octets] ##########


    Junkware Removal Tool (JRT) by Thisisu
    Version: 4.6.2 (02.02.2013:2)
    OS: Windows Vista (TM) Home Premium x86
    Ran by Melody on 06/02/2013 at 1:02:59.17
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\windows\currentversion\run\\browser infrastructure helper
    Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}
    Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
    Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
    Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
    Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
    Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
    Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2813728509-2743499342-3802432080-1003\software\microsoft\internet explorer\main\\Start Page
    Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope
    Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope
    Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope
    Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope
    Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope
    Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope
    Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2813728509-2743499342-3802432080-1003\software\microsoft\internet explorer\searchscopes\\DefaultScope
    Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Search Bar
    Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2813728509-2743499342-3802432080-1003\software\microsoft\internet explorer\main\\Search Bar
    Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Search Page
    Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2813728509-2743499342-3802432080-1003\software\microsoft\internet explorer\main\\Search Page
    Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\search\\Default_Search_URL
    Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2813728509-2743499342-3802432080-1003\software\microsoft\internet explorer\search\\Default_Search_URL
    Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchurl\\Default
    Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2813728509-2743499342-3802432080-1003\software\microsoft\internet explorer\searchurl\\Default
    Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchurl\\Default
    Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\search\\SearchAssistant
    Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2813728509-2743499342-3802432080-1003\software\microsoft\internet explorer\search\\SearchAssistant



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] hkey_current_user\software\smartbar
    Successfully deleted: [Registry Key] hkey_current_user\software\smartbarbackup
    Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\fun web products
    Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\funwebproducts
    Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
    Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
    Successfully deleted: [Registry Key] hkey_classes_root\clsid\{31ad400d-1b06-4e33-a59a-90c2c140cba0}
    Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}
    Successfully deleted: [Registry Key] hkey_classes_root\clsid\{9afb8248-617f-460d-9366-d71cdeda3179}
    Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ae07101b-46d4-4a98-af68-0333ea26e113}



    ~~~ Files



    ~~~ Folders

    Successfully deleted: [Folder] "C:\Users\Melody\AppData\Roaming\dvdvideosoftiehelpers"
    Successfully deleted: [Folder] "C:\Users\Melody\AppData\Roaming\opencandy"
    Failed to delete: [Folder] "C:\Users\Melody\appdata\local\smartbar"
    Successfully deleted: [Folder] "C:\Users\Melody\appdata\locallow\funwebproducts"
    Successfully deleted: [Folder] "C:\Users\Melody\appdata\locallow\mywebsearch"
    Successfully deleted: [Folder] "C:\Users\Melody\appdata\locallow\smartbar"
    Failed to delete: [Folder] "C:\Users\Melody\Local Settings\Application Data\smartbar"



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 06/02/2013 at 1:15:55.06
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  6. #6
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    5,956
    Points
    1067

    Default

    Next

    Run AdwCleaner again this time select Delete

    Once done it will ask to reboot, allow this
    On reboot a log will be produced please post that log in your next reply.




    Optimism is the faith that leads to achievement. Nothing can be done without hope and confidence.

  7. #7
    Member Jadyn's Avatar
    Join Date
    Apr 2004
    Posts
    89
    Points
    2

    Default

    Zep,
    I am having issues trying to do the ADWCleaning, I do it and then my computer goes to reboot but it's not restarting. Then when I start it myself, I get the "there was a problem with your restart" message and it goes to repair it. It seems to repair it and it starts up but I never get the log for the ADW Cleaner. I'm also getting another error message at times on start up that says "locale data missing reinstall files". So I'm not sure what is going on but I can not get the log for the ADW Cleaner.

    Jadyn

    Just adding on to this, I also realized last night I did not do everything I was supposed too with the hijack log. So I did that today and deleted the entries it told me too while in safe mode and this is the newest log from hijack this.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 5:19:02 PM, on 06/02/2013
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Safe mode

    Running processes:
    C:\Windows\Explorer.EXE
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Users\Melody\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.shoptoshiba.ca/welcome
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.shoptoshiba.ca/welcome
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll (file missing)
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll (file missing)
    O3 - Toolbar: QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
    O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
    O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files\Jumpstart\jswtrayutil.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKCU\..\Run: [DealAssistant] C:\Users\Melody\AppData\Roaming\DealAssistant\dealassistant.exe
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Melody\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
    O4 - HKCU\..\Run: [Browser Infrastructure Helper] C:\Users\Melody\AppData\Local\Smartbar\Application\QuickShare.exe startup
    O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_56F414BD211ED8A2E3D82E3E8FAC8E1A] "C:\Users\Melody\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Global Startup: Run Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Melody\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
    O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...oUploader5.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...Uploader55.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll (file missing)
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe (file missing)
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: Google Update Service (gupdate1c9a1a2fb5ba039) (gupdate1c9a1a2fb5ba039) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
    O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 11740 bytes
    Last edited by Jadyn; 02-06-2013 at 04:29 PM.

  8. #8
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    5,956
    Points
    1067

    Default

    Hi,

    Sorry for delay, Don't worry about adwcleaner for now, is the computer booting ok otherwise?

    Can you run this scan it will show us a bit more information.

    • Download OTL to your desktop.
    • Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Under the Standard Registry box change it to All.
    • Check the boxes beside LOP Check and Purity Check.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.




    Optimism is the faith that leads to achievement. Nothing can be done without hope and confidence.

  9. #9
    Member Jadyn's Avatar
    Join Date
    Apr 2004
    Posts
    89
    Points
    2

    Default

    Here ya go Zep, also just wanted to note I fixed the error that said locale data missing, for some reason Google Chrome was missing the files so removing it from the computer and redownloading it fixed that issue. Still having restart issues but I have had those for quite awhile, I was ok if I'd just turn off my computer and start it up, but doing a restart I'd have issues.

    Jadyn

    OTL logfile created on: 07/02/2013 10:52:56 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Melody\Downloads
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

    2.87 Gb Total Physical Memory | 1.42 Gb Available Physical Memory | 49.28% Memory free
    5.96 Gb Paging File | 4.10 Gb Available in Paging File | 68.72% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 219.79 Gb Total Space | 138.20 Gb Free Space | 62.88% Space Free | Partition Type: NTFS
    Drive D: | 5.98 Gb Total Space | 5.91 Gb Free Space | 98.88% Space Free | Partition Type: NTFS

    Computer Name: MELODY-PC | User Name: Melody | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Melody\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
    PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
    PRC - C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Users\Melody\AppData\Local\Smartbar\Application\QuickShare.exe (Smartbar)
    PRC - C:\Program Files\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG2013\avgrsx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG2013\avgnsx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG2013\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe (Google Inc.)
    PRC - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
    PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
    PRC - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe ()
    PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    PRC - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
    PRC - C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
    PRC - C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe ()
    PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
    PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
    PRC - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe (TOSHIBA Corporation)
    PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
    PRC - C:\Program Files\WiFiConnector\NintendoWFCReg.exe ()
    PRC - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
    PRC - C:\Windows\System32\ICO.EXE (Primax Electronics Ltd.)
    PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
    PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)


    ========== Modules (No Company Name) ==========

    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\439eccf3a1fb34830a0a38cdf48afa08\System.Web.Services.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\259f7342c8ebb1150db3df1bc4d3394c\System.Web.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0c3da9004b277959e24a9fd606d3dd05\System.Windows.Forms.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll ()
    MOD - C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppgooglenaclpluginchrome.dll ()
    MOD - C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll ()
    MOD - C:\Program Files\Google\Chrome\Application\24.0.1312.57\libglesv2.dll ()
    MOD - C:\Program Files\Google\Chrome\Application\24.0.1312.57\libegl.dll ()
    MOD - C:\Program Files\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll ()
    MOD - C:\Users\Melody\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll ()
    MOD - C:\Users\Melody\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll ()
    MOD - C:\Users\Melody\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll ()
    MOD - C:\Users\Melody\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll ()
    MOD - C:\Users\Melody\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll ()
    MOD - C:\Users\Melody\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll ()
    MOD - C:\Users\Melody\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll ()
    MOD - C:\Users\Melody\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll ()
    MOD - C:\Users\Melody\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll ()
    MOD - C:\Users\Melody\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll ()
    MOD - C:\Users\Melody\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll ()
    MOD - C:\Users\Melody\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll ()
    MOD - C:\Users\Melody\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll ()
    MOD - C:\Users\Melody\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll ()
    MOD - C:\Users\Melody\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll ()
    MOD - C:\Users\Melody\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll ()
    MOD - C:\Users\Melody\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll ()
    MOD - C:\Users\Melody\AppData\Local\Smartbar\Application\MACTrackBarLib.dll ()
    MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
    MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
    MOD - C:\Program Files\Yahoo!\Messenger\yui.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2783.40072__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2783.40029__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2783.40085__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2783.40293__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2783.40250__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2783.40064__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2783.40085__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2783.40186__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2783.40049__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2783.40327__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2783.40334__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2783.40043__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2783.40258__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2783.40265__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2783.40257__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2783.40320__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2783.40195__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2783.40098__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2783.40187__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2783.40050__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2783.40278__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2783.40237__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2783.40180__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2783.40105__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2783.40092__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2783.40217__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2783.40194__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2783.40186__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2783.40104__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2783.40194__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2783.40216__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2783.40237__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2729.30202__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2729.30197__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2729.30224__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2729.30212__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2729.30222__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2729.30178__90ba9c70f846762e\CLI.Foundation.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2729.30174__90ba9c70f846762e\LOG.Foundation.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2729.30313__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2729.30184__90ba9c70f846762e\NEWAEM.Foundation.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2729.30259__90ba9c70f846762e\DEM.OS.I0602.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2729.30211__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2729.30199__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2729.30185__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2729.30207__90ba9c70f846762e\MOM.Foundation.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2729.30242__90ba9c70f846762e\DEM.OS.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2729.30256__90ba9c70f846762e\DEM.Graphics.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2729.30203__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2729.30199__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2729.30231__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2729.30264__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2729.30262__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2729.30216__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2729.30241__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2729.30231__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2729.30219__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2729.30226__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2729.30227__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2729.30225__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2729.30230__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2729.30213__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2729.30219__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2729.30259__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2729.30228__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2729.30212__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2729.30176__90ba9c70f846762e\AEM.Foundation.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2729.30216__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2729.30208__90ba9c70f846762e\APM.Foundation.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2729.30201__90ba9c70f846762e\AEM.Server.Shared.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2783.40058__90ba9c70f846762e\CLI.Component.Wizard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2783.40305__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2783.40314__90ba9c70f846762e\MOM.Implementation.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2783.40312__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2729.30193__90ba9c70f846762e\CLI.Foundation.Private.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2783.40357__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2729.30188__90ba9c70f846762e\LOG.Foundation.Private.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2729.30258__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2729.30211__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2783.40019__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2783.40037__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2783.40021__90ba9c70f846762e\CLI.Component.Runtime.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2783.40022__90ba9c70f846762e\ATIDEMOS.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2729.30209__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2729.30205__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2783.40313__90ba9c70f846762e\CCC.Implementation.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2729.30214__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2729.30243__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2783.40021__90ba9c70f846762e\APM.Server.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2783.40020__90ba9c70f846762e\AEM.Server.dll ()
    MOD - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe ()
    MOD - C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe ()
    MOD - C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll ()
    MOD - C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll ()
    MOD - C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll ()
    MOD - c:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
    MOD - C:\Program Files\WiFiConnector\NintendoWFCReg.exe ()
    MOD - C:\Windows\System32\atitmmxx.dll ()
    MOD - C:\Program Files\WiFiConnector\WIFICON.dll ()
    MOD - C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll ()
    MOD - C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll ()


    ========== Services (SafeList) ==========

    SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon File not found
    SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe File not found
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
    SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
    SRV - (avgwd) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    SRV - (AdobeActiveFileMonitor11.0) -- C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
    SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
    SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
    SRV - (TNaviSrv) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
    SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
    SRV - (ConfigFree Service) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
    SRV - (TOSHIBA SMART Log Service) -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe (TOSHIBA Corporation)
    SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
    SRV - (jswpsapi) -- C:\Program Files\Jumpstart\jswpsapi.exe (Atheros Communications, Inc.)
    SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
    SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)


    ========== Driver Services (SafeList) ==========

    DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
    DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
    DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
    DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
    DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
    DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. )
    DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
    DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
    DRV - (Avglogx) -- C:\Windows\System32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)
    DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. )
    DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (RMCAST) -- C:\Windows\System32\drivers\rmcast.sys (Microsoft Corporation)
    DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
    DRV - (tos_sps32) -- C:\Windows\System32\drivers\tos_sps32.sys (TOSHIBA Corporation)
    DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
    DRV - (UVCFTR) -- C:\Windows\System32\drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.)
    DRV - (TVALZ) -- C:\Windows\System32\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
    DRV - (jswpslwf) -- C:\Windows\System32\drivers\jswpslwf.sys (Atheros Communications, Inc.)
    DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
    DRV - (RT25USBAP) -- C:\Windows\System32\drivers\RT25USBAP.SYS (Ralink Technology Inc.)
    DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
    DRV - (FwLnk) -- C:\Windows\System32\drivers\FwLnk.sys (TOSHIBA Corporation)
    DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
    DRV - (pelmouse) -- C:\Windows\System32\drivers\PELMOUSE.SYS (Primax Electronics Ltd.)
    DRV - (pelusblf) -- C:\Windows\System32\drivers\PELUSBlf.SYS (Primax Electronics Ltd.)
    DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (ATI Technologies Inc.)
    DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)


    ========== Standard Registry (All) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.shoptoshiba.ca/welcome
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.shoptoshiba.ca/welcome
    IE - HKLM\..\SearchScopes,DefaultScope = {1F7FC083-BF7E-48E5-9B7E-4167747A75D0}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{1F7FC083-BF7E-48E5-9B7E-4167747A75D0}: "URL" = http://www.mirarsearch.com/?q={searchTerms}&a=SEARCH
    IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUxdm575YYCA&fl=0&ptb=YrbN6upPM1k0NYSJGQuHSg&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=sb&searchfor={searchTerms}&si=39496
    IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Melody\Desktop
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Canada | Watch videos and read the latest news and entertainment articles
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 88 7D AC F8 03 CE 01 [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
    IE - HKCU\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{1F7FC083-BF7E-48E5-9B7E-4167747A75D0}: "URL" = http://www.mirarsearch.com/?q={searchTerms}&a=SEARCH
    IE - HKCU\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUxdm575YYCA&fl=0&ptb=YrbN6upPM1k0NYSJGQuHSg&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=sb&searchfor={searchTerms}&si=39496
    IE - HKCU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://search.avg.com/route/?d=4b3d2cf0&i=23&tp=chrome&q={searchTerms}&lng={language}&ychte=us&nt=1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/20 12:28:54 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/05 22:35:21 | 000,000,000 | ---D | M]


    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll
    CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Melody\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
    CHR - plugin: Free Studio (Enabled) = C:\Users\Melody\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\np_dvs_plugin.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - Extension: Skype Click to Call = C:\Users\Melody\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
    CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\Melody\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\

    O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll File not found
    O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (QuickShare Widget) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll File not found
    O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll File not found
    O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
    O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
    O4 - HKLM..\Run: [jswtrayutil] "C:\Program Files\Jumpstart\jswtrayutil.exe" File not found
    O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
    O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\Windows\System32\ICO.EXE (Primax Electronics Ltd.)
    O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
    O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
    O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
    O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h File not found
    O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Users\Melody\AppData\Local\Smartbar\Application\QuickShare.exe (Smartbar)
    O4 - HKCU..\Run: [DealAssistant] C:\Users\Melody\AppData\Roaming\DealAssistant\dealassistant.exe File not found
    O4 - HKCU..\Run: [GoogleChromeAutoLaunch_56F414BD211ED8A2E3D82E3E8FAC8E1A] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
    O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
    O4 - HKCU..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
    O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
    O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Melody\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
    O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
    O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O13 - gopher Prefix: missing
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/...oUploader5.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/...Uploader55.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_03)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
    O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{178EEBBF-CFD4-4F18-94F2-E2D18F2CB8CB}: DhcpNameServer = 64.71.255.198
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{60C53B5D-891D-4830-AD30-CD92138DA1C8}: DhcpNameServer = 192.168.0.1
    O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll File not found
    O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
    O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
    O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
    O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Users\Melody\Documents\Ames\happytimes.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Melody\Documents\Ames\happytimes.jpg
    O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
    O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
    O31 - SafeBoot: AlternateShell - cmd.exe
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/02/07 10:44:53 | 000,000,000 | ---D | C] -- C:\Users\Melody\AppData\Local\{A063A883-228E-44BA-BCDE-7ADBFFE4794E}
    [2013/02/06 19:02:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    [2013/02/06 14:38:23 | 000,000,000 | ---D | C] -- C:\Users\Melody\AppData\Local\{1179E80F-71BF-4620-AB07-C95BB67B8535}
    [2013/02/06 10:36:31 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2013/02/06 10:35:37 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
    [2013/02/06 10:24:18 | 000,000,000 | ---D | C] -- C:\Users\Melody\AppData\Local\{6F0F60CC-35AD-44BD-8F5D-1BF1FD520F2D}
    [2013/02/06 02:04:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    [2013/02/06 01:02:40 | 000,000,000 | ---D | C] -- C:\JRT
    [2013/02/05 21:51:20 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2013/02/05 18:34:38 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2013/02/05 18:34:37 | 000,000,000 | ---D | C] -- C:\Users\Melody\AppData\Roaming\Malwarebytes
    [2013/02/05 18:34:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2013/02/05 18:34:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2013/02/05 18:34:18 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2013/02/05 18:34:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2013/02/05 18:23:56 | 000,000,000 | ---D | C] -- C:\Users\Melody\AppData\Local\{1A26A758-387A-4DAC-B43F-52D26344C677}
    [2013/02/05 15:32:42 | 000,000,000 | ---D | C] -- C:\Users\Melody\AppData\Roaming\SUPERAntiSpyware.com
    [2013/02/05 15:32:24 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2013/02/05 15:32:24 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2013/02/05 13:11:55 | 000,000,000 | ---D | C] -- C:\Users\Melody\AppData\Local\{B8009994-4A8B-4DCC-A6F6-3796001C1A76}
    [2013/02/04 19:14:54 | 000,000,000 | ---D | C] -- C:\Users\Melody\AppData\Local\{AE1F5151-63F6-43BA-B315-6B7EB6329C86}
    [2013/02/01 20:27:00 | 000,000,000 | ---D | C] -- C:\Users\Melody\AppData\Local\{18317131-DC5D-40E8-BE41-6BAC689A3095}
    [2013/02/01 11:36:31 | 000,000,000 | ---D | C] -- C:\Users\Melody\AppData\Local\{AF6AA0AC-2B0C-4A10-90D9-FD9C1C631FE2}
    [2013/01/28 17:48:38 | 000,000,000 | ---D | C] -- C:\Users\Melody\AppData\Local\{9F1639A1-68A0-4176-A491-47B4416835BF}
    [2013/01/08 19:09:17 | 000,000,000 | ---D | C] -- C:\Users\Melody\AppData\Local\{D7B5DE18-ADDB-488C-96DF-A1639367A8CA}
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/02/07 10:48:50 | 004,703,586 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2013/02/07 10:48:47 | 002,221,682 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2013/02/07 10:45:29 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/02/07 10:42:25 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/02/07 10:42:13 | 000,000,433 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
    [2013/02/07 10:42:06 | 000,002,006 | ---- | M] () -- C:\Users\Melody\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2013/02/07 10:41:39 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/02/07 10:41:39 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/02/07 10:41:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/02/07 10:41:30 | 3084,521,472 | -HS- | M] () -- C:\hiberfil.sys
    [2013/02/06 23:13:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/02/06 19:02:59 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2013/02/06 15:36:20 | 001,689,928 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2013/02/06 02:04:40 | 000,000,853 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
    [2013/02/05 18:35:49 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2013/02/05 18:34:20 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/01/08 20:14:01 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
    [2013/01/08 20:14:01 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/02/06 19:02:59 | 000,002,006 | ---- | C] () -- C:\Users\Melody\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2013/02/06 19:02:59 | 000,001,982 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2013/02/06 17:20:44 | 3084,521,472 | -HS- | C] () -- C:\hiberfil.sys
    [2013/02/05 18:34:20 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/12/22 10:25:33 | 000,000,036 | ---- | C] () -- C:\Windows\avgui.INI
    [2012/06/13 16:26:47 | 002,205,064 | ---- | C] () -- C:\ProgramData\shs_setup_4059-354328.exe
    [2012/06/13 16:26:45 | 000,000,653 | ---- | C] () -- C:\ProgramData\SHSupdates.xml
    [2011/07/06 13:43:07 | 000,000,000 | ---- | C] () -- C:\Users\Melody\AppData\Roaming\WGC_Client Preferences
    [2011/06/01 05:15:45 | 000,000,000 | ---- | C] () -- C:\Users\Melody\AppData\Local\{C09262F8-63DE-47E0-A3A3-7F523BB455DA}
    [2010/09/10 23:43:09 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2009/01/15 17:21:03 | 000,017,920 | ---- | C] () -- C:\Users\Melody\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/11/25 08:21:10 | 000,000,680 | ---- | C] () -- C:\Users\Melody\AppData\Local\d3d9caps.dat

    ========== ZeroAccess Check ==========

    [2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2012/12/15 16:14:55 | 000,000,000 | ---D | M] -- C:\Users\Melody\AppData\Roaming\AVG2013
    [2012/10/25 18:09:59 | 000,000,000 | ---D | M] -- C:\Users\Melody\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
    [2013/02/06 17:29:36 | 000,000,000 | ---D | M] -- C:\Users\Melody\AppData\Roaming\DealAssistant
    [2013/02/06 17:29:36 | 000,000,000 | ---D | M] -- C:\Users\Melody\AppData\Roaming\DVDVideoSoft
    [2011/09/25 21:57:21 | 000,000,000 | ---D | M] -- C:\Users\Melody\AppData\Roaming\Firestorm
    [2012/12/14 21:47:54 | 000,000,000 | ---D | M] -- C:\Users\Melody\AppData\Roaming\FrostWire
    [2011/08/21 14:00:10 | 000,000,000 | ---D | M] -- C:\Users\Melody\AppData\Roaming\go
    [2013/02/06 18:00:16 | 000,000,000 | ---D | M] -- C:\Users\Melody\AppData\Roaming\Imprudence
    [2011/05/16 22:17:08 | 000,000,000 | ---D | M] -- C:\Users\Melody\AppData\Roaming\Kirstens S21
    [2010/01/17 14:37:07 | 000,000,000 | ---D | M] -- C:\Users\Melody\AppData\Roaming\LimeWire
    [2013/02/06 17:27:02 | 000,000,000 | ---D | M] -- C:\Users\Melody\AppData\Roaming\OpenCandy
    [2009/03/03 16:29:49 | 000,000,000 | ---D | M] -- C:\Users\Melody\AppData\Roaming\OpenOffice.org
    [2013/02/06 18:32:16 | 000,000,000 | ---D | M] -- C:\Users\Melody\AppData\Roaming\SecondLife
    [2008/11/25 08:48:30 | 000,000,000 | ---D | M] -- C:\Users\Melody\AppData\Roaming\toshiba
    [2012/12/15 16:11:33 | 000,000,000 | ---D | M] -- C:\Users\Melody\AppData\Roaming\TuneUp Software
    [2013/02/06 17:29:38 | 000,000,000 | ---D | M] -- C:\Users\Melody\AppData\Roaming\UB

    ========== Purity Check ==========



    < End of report >


    OTL Extras logfile created on: 07/02/2013 10:52:56 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Melody\Downloads
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

    2.87 Gb Total Physical Memory | 1.42 Gb Available Physical Memory | 49.28% Memory free
    5.96 Gb Paging File | 4.10 Gb Available in Paging File | 68.72% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 219.79 Gb Total Space | 138.20 Gb Free Space | 62.88% Space Free | Partition Type: NTFS
    Drive D: | 5.98 Gb Total Space | 5.91 Gb Free Space | 98.88% Space Free | Partition Type: NTFS

    Computer Name: MELODY-PC | User Name: Melody | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{1239A1AF-3452-4B81-846F-1005B3B79340}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{228B8277-6BBA-4E5B-9E6E-0F284D079A1A}" = rport=445 | protocol=6 | dir=out | app=system |
    "{34E11EA7-9EF3-4949-9A36-27F8FA58CA80}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
    "{3FAB5AFA-2825-467A-920D-711CA916E1E9}" = rport=139 | protocol=6 | dir=out | app=system |
    "{43599052-AF99-42FB-B6A8-49B8FFC9E6CD}" = lport=445 | protocol=6 | dir=in | app=system |
    "{43904315-8BE0-4E98-9C9F-5283C81E5B89}" = lport=139 | protocol=6 | dir=in | app=system |
    "{43B752E6-53EF-4063-88DE-51636316BBE1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{4DD07D18-0FAB-4ACE-9F70-D4168EF6F835}" = lport=138 | protocol=17 | dir=in | app=system |
    "{69A48A23-1E8E-472C-9078-94B48BF361BA}" = rport=137 | protocol=17 | dir=out | app=system |
    "{8AFCD4E2-B389-49C9-8623-26CD90416C4F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
    "{911101D0-C501-4225-B634-425366B7A611}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
    "{9AB8A279-2DE4-416F-9A41-AA5AC45DC224}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{A177ED5B-85F6-4820-AB74-846096B93B80}" = rport=2869 | protocol=6 | dir=out | app=system |
    "{A7C068BA-4645-45AA-936B-A9A10E13F88E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{A8965629-B774-4195-B06B-49A43DB40604}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{A8D876C3-DFAD-4909-B111-CE2BA60DC638}" = rport=138 | protocol=17 | dir=out | app=system |
    "{AAFC3CD9-71C6-48E9-B6FA-89A6D59CD68C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
    "{AB8AD17D-86AE-466D-87B4-1B41F8897774}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{AD46593E-38D5-40E6-B9D2-2B8B3AE8DA46}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{ADEBDE20-16DC-43B9-9C9B-24BAAD64BC42}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{B55CCC33-6D10-475C-906D-6E6DE1144C30}" = lport=137 | protocol=17 | dir=in | app=system |
    "{CF6135BA-7332-424C-8838-ABC5410C50DA}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
    "{D452EB51-7463-4473-817E-C138891C79C5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{F38C55DA-7FEA-430E-9908-7D2BEA18F2AD}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{032EF367-BAD8-44CE-A49B-4783E057EB18}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
    "{0473702A-6307-475B-8CC8-74A96ADBAB6F}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
    "{079ECD79-E60D-4A66-B4CE-58068D8E6400}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
    "{1A9AE076-A222-4BC9-BBB4-552115622373}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{1D913907-5B68-415E-9FB7-491A435393DF}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
    "{30C19F3B-CF76-479D-9CC5-78D538B7A50A}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
    "{37AF60E8-A12B-42CF-9D7D-782D60BB7F31}" = dir=in | app=c:\program files\itunes\itunes.exe |
    "{3E768AE7-74F9-46F4-890D-83BE5A21B2B2}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
    "{3EF29DDE-49CF-4FA7-9E91-FEC13CADA422}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{433EC584-58FC-486D-995F-4351803DE375}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
    "{45405739-8133-4601-A0A0-C64B779013E2}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
    "{4B80D98F-F7CB-44B9-B43D-27FE6058C678}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
    "{4D6A2469-DD06-402F-9827-4018EEC7B0ED}" = dir=in | app=c:\program files\wificonnector\nintendowfcreg.exe |
    "{4E918FF0-C77E-4AE3-A211-F562F84DBC50}" = dir=in | app=c:\program files\skype\phone\skype.exe |
    "{4F2F23E1-6F07-4D5D-9C27-20323D68586C}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
    "{51A1E554-0F62-4A31-8FDF-52C39B8F64B8}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
    "{5B595DFC-0FBB-427B-9DB4-C56CCC07A4A4}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
    "{648BC887-763F-4F26-88AE-54B2DF9310C8}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
    "{6F00CCA3-57CF-46A6-A241-DA3829022F93}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
    "{72C56F85-09C3-4570-BB59-C125C73208B3}" = protocol=17 | dir=in | app=f:\program files\frostwire\frostwire.exe |
    "{735F33D6-C359-4F08-B80C-355B82166071}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
    "{7643B6F9-B5C6-4BB4-B418-A053F477D652}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
    "{79574A10-2674-4EEC-93D0-3252D24477F1}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
    "{7AD9796F-1562-407B-825F-F29CAA44B37B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{8093E169-E02B-4ADE-9470-228D0924DB07}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
    "{80F3A6EF-ABE1-45CC-B777-25B3BE2B1D95}" = dir=in | app=c:\program files\avg\avg8\avgnsx.exe |
    "{837E46E3-AE77-4EF7-8F26-CC10A675E7B2}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
    "{88245588-6D04-4A4C-8714-2AC9C0CDA0FB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{888B95C4-66D4-47A2-95D5-86866EB29F44}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
    "{9660CC2D-E8D9-46BB-A0EE-090E6BE6C391}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
    "{A3D79D2C-0F49-4B59-82E0-571C2FEC8871}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
    "{B790F84F-F041-4565-B414-3D0DE358566B}" = protocol=6 | dir=in | app=f:\program files\frostwire\frostwire.exe |
    "{BF2BDA74-0C2F-4EE5-8BFE-B1686F294DFC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{C7456CF4-9019-41A3-AC4F-C068D04DC67C}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
    "{C8F6CFA2-54A8-4EF1-BAA1-8F70CCB02F2C}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
    "{D43810A0-BF00-4A47-91C2-D8F158DDB2C2}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
    "{D6147540-788C-46D8-98C8-44CAAFCE1DE1}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
    "{D7F5F0D1-605E-41FC-840B-712B204FCE9D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{D91C1236-C9C5-4E85-B5D5-25F825801D7F}" = protocol=6 | dir=in | app=f:\program files\frostwire\frostwire.exe |
    "{DCC02705-3CB0-478F-B3AB-1FB1C9353BCE}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
    "{E0DA8FA5-9C4B-422A-B9C5-3FE6F9CB73BB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{E5B70607-6B6A-485E-A3B2-A947C6D0F16D}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
    "{E995E882-F6D1-4088-AE49-1289A0384300}" = protocol=17 | dir=in | app=f:\program files\frostwire\frostwire.exe |
    "{F3472399-5DD1-4D37-AB72-A0AC94464102}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
    "{FCFE376D-2AD8-4847-AFBC-7BE815E84A96}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
    "{FDCFB475-D379-42D9-9627-946ABE7F66A3}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
    "{FE389840-14EB-4ABE-ADE1-D02B248CE12E}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
    "TCP Query User{0307F959-3395-4A0C-8269-CBFC920C8BA8}C:\program files\secondlife\secondlife.exe" = protocol=6 | dir=in | app=c:\program files\secondlife\secondlife.exe |
    "TCP Query User{37C5FCD0-BC79-432B-9C02-EFD88D0E8220}C:\program files\emerald viewer\emerald.exe" = protocol=6 | dir=in | app=c:\program files\emerald viewer\emerald.exe |
    "TCP Query User{4CBECD10-44D2-47CC-A492-9F733E9691A0}C:\program files\greenlife emerald viewer\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\greenlife emerald viewer\slvoice.exe |
    "TCP Query User{54B24AA1-848F-4508-BD68-94F88BFA9362}C:\program files\secondlifeviewer2\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlifeviewer2\slvoice.exe |
    "TCP Query User{551DE3E3-BA7E-4168-82B5-3773328E47D4}C:\program files\secondlifeviewer2\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlifeviewer2\slvoice.exe |
    "TCP Query User{686AD4AF-33A5-48E7-9DAF-86E7EF23B625}C:\program files\emerald viewer\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\emerald viewer\slvoice.exe |
    "TCP Query User{6C4F7028-F704-407D-B866-C94C33435058}C:\program files\greenlife emerald viewer\emerald.exe" = protocol=6 | dir=in | app=c:\program files\greenlife emerald viewer\emerald.exe |
    "TCP Query User{6EEDD4BB-1495-4AEF-89A1-F51F087292AA}C:\program files\snowglobe\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\snowglobe\slvoice.exe |
    "TCP Query User{7BA2DA34-497F-4E91-B3C0-C72DB2386792}C:\program files\phoenix viewer\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\phoenix viewer\slvoice.exe |
    "TCP Query User{7F2A87F1-1A01-4592-96A2-EEC13550E664}C:\program files\phoenix viewer\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\phoenix viewer\slvoice.exe |
    "TCP Query User{7FBDF5A8-1CCD-4379-9AF8-5B826BE7840B}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
    "TCP Query User{8741DC11-C23D-4E8A-ACDD-38368F921BBD}C:\program files\phoenix viewer\slplugin.exe" = protocol=6 | dir=in | app=c:\program files\phoenix viewer\slplugin.exe |
    "TCP Query User{8BE9F566-339B-4661-83B6-0CAE7DA26147}C:\program files\secondlife\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlife\slvoice.exe |
    "TCP Query User{900989AF-AD7C-4048-9142-628011F1A7EE}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
    "TCP Query User{98047D5F-C806-4F8F-8F7B-C0FA91C36922}C:\program files\emerald viewer\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\emerald viewer\slvoice.exe |
    "TCP Query User{C0E0C5A3-3B6A-4A1A-9B37-A9FE071C4A76}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
    "UDP Query User{0CDC3351-8BBD-4A57-B8BE-4677AE3BCDE2}C:\program files\phoenix viewer\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\phoenix viewer\slvoice.exe |
    "UDP Query User{1B0C389D-2326-4154-925A-44A261F26782}C:\program files\secondlife\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlife\slvoice.exe |
    "UDP Query User{284AD3D9-F8A5-463F-84C2-4588AD4ED7FB}C:\program files\greenlife emerald viewer\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\greenlife emerald viewer\slvoice.exe |
    "UDP Query User{323347A9-27C3-4732-9229-ACC4BB0D796A}C:\program files\secondlifeviewer2\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlifeviewer2\slvoice.exe |
    "UDP Query User{38F0762F-AA8B-481F-8D17-305BB474D557}C:\program files\emerald viewer\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\emerald viewer\slvoice.exe |
    "UDP Query User{42CE7A8D-DB97-4F85-B63C-0F9F6627503B}C:\program files\emerald viewer\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\emerald viewer\slvoice.exe |
    "UDP Query User{5BB91053-3C04-4C1F-8459-C8FA06459C31}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
    "UDP Query User{5D27FF35-D894-44C6-AD6B-8900AB026A35}C:\program files\greenlife emerald viewer\emerald.exe" = protocol=17 | dir=in | app=c:\program files\greenlife emerald viewer\emerald.exe |
    "UDP Query User{8E1B4954-A6B8-4742-BB0A-6C88B7DE56AD}C:\program files\snowglobe\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\snowglobe\slvoice.exe |
    "UDP Query User{A01CCDAE-1498-4FEA-A9D1-4EFE1BB3B1E3}C:\program files\emerald viewer\emerald.exe" = protocol=17 | dir=in | app=c:\program files\emerald viewer\emerald.exe |
    "UDP Query User{A3EBE987-AB7D-41DF-9703-5AFFA6055115}C:\program files\secondlife\secondlife.exe" = protocol=17 | dir=in | app=c:\program files\secondlife\secondlife.exe |
    "UDP Query User{B6ADDFCA-2B11-4A68-9B85-E3900D9CC848}C:\program files\secondlifeviewer2\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlifeviewer2\slvoice.exe |
    "UDP Query User{BCB0C7AA-B4B2-4018-8899-C08FC184D8E0}C:\program files\phoenix viewer\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\phoenix viewer\slvoice.exe |
    "UDP Query User{C3B628C5-47F5-43CB-9A8B-2CDC9C3360D3}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
    "UDP Query User{CA3118B3-C12E-4080-AE1E-7D28535DD616}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
    "UDP Query User{CC92AE95-707C-4875-8C61-693F639972A9}C:\program files\phoenix viewer\slplugin.exe" = protocol=17 | dir=in | app=c:\program files\phoenix viewer\slplugin.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
    "{062ABD24-47F8-D865-BCB6-A724A94BC9A5}" = CCC Help Japanese
    "{06F2B3DC-74F4-300D-D41A-B21B46101CA2}" = Skins
    "{0A573F30-FB63-9A85-2E6E-39E1AC5366D0}" = Catalyst Control Center Localization Hungarian
    "{0A9F311E-A4B9-4808-1D1C-0B2E7705A735}" = Catalyst Control Center Localization Spanish
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
    "{0F15A965-99BA-BC9D-5A00-D7E1E7B2AE7F}" = Catalyst Control Center Localization French
    "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
    "{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
    "{14FEF8C7-0EB1-47F2-6A13-D43171D4DFBB}" = Catalyst Control Center Localization Greek
    "{1D181764-DCD0-41B8-AA7B-0A599F027A72}" = Adobe Photoshop Elements 11
    "{1D4D4C5C-6771-A416-0FC9-167F47C4D977}" = Catalyst Control Center Localization Polish
    "{1E32C2AB-9722-5F41-7BDE-24B5AFD2BCE6}" = CCC Help Spanish
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
    "{21AEC16B-1C21-81B4-DA88-2235CC1F7E39}" = Catalyst Control Center Localization Japanese
    "{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 29
    "{26DB09BC-6EB5-4CE0-A05D-D4DECE60E189}_is1" = Phoenix Viewer 1.5.2.1185
    "{288306FF-D5B5-7398-0617-E52F625C6797}" = CCC Help Norwegian
    "{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
    "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
    "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
    "{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
    "{31AE724F-7E99-426A-8B0B-A2C5A33DA204}" = ArcSoft MediaImpression
    "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
    "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
    "{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
    "{397AC65E-CB4A-29C2-ACF9-D04444438971}" = Catalyst Control Center Localization Thai
    "{3B96A467-811C-F9FE-B8D6-3BC952025F44}" = Catalyst Control Center Localization Dutch
    "{3BEEC9AD-FA8F-B413-6BBC-8B5DC7C8E08F}" = Catalyst Control Center Localization Portuguese
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
    "{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
    "{45ECDC05-71AC-6372-2A17-4139B6296F4F}" = ccc-core-static
    "{480C3278-56A7-3F05-3829-6DC5D4B0CB06}" = CCC Help Portuguese
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
    "{4CA4D9FC-212C-9F69-E760-DB4BEB34FEB5}" = CCC Help Thai
    "{4DE0D937-FEB0-0D89-C8D6-35F600300BD4}" = CCC Help French
    "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
    "{526B6DD3-0C43-2C13-7DF8-44D20D4E9853}" = CCC Help English
    "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
    "{544587B1-B057-F0B3-7B19-6898ADBED9AC}" = Catalyst Control Center Localization Czech
    "{571C0874-A931-EEFE-E89D-8F912F633B9F}" = CCC Help Danish
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
    "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
    "{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
    "{63427619-C918-6F3C-7318-11DDA4975241}" = ATI Catalyst Install Manager
    "{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
    "{648B4A01-F609-1D4E-556C-0F18B54E9E1C}" = Catalyst Control Center Localization Italian
    "{64F18837-72CE-DC38-899C-260AF20F979A}" = CCC Help Swedish
    "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{69C82DDB-3FBC-EBEC-AE0A-3ABF1F3BD39B}" = CCC Help Polish
    "{6C530FF7-F6F2-FD4C-0CFC-49AD3E7244A9}" = Catalyst Control Center Localization Turkish
    "{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
    "{6CA2BE46-A562-8CA4-1C33-CC2681B2DDA1}" = CCC Help Finnish
    "{6DBBEC03-716B-7954-873A-B782100831C5}" = Catalyst Control Center Graphics Full New
    "{70BCBA77-83D9-2075-1F99-69D65C44B422}" = Catalyst Control Center Graphics Full Existing
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{731E713B-C13E-4527-B624-8A6DF2D33DAF}" = AVG 2013
    "{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
    "{78E6BC53-F765-2629-C028-9F3CD49F70D4}" = CCC Help Chinese Standard
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{7ECE1045-66CB-2A70-7EAE-BE508AF95CF2}" = Catalyst Control Center Graphics Previews Vista
    "{7FD093C2-3493-4B17-BB15-B129A7D1DC51}" = AVG 2013
    "{81F93FA5-BA87-322F-2166-4D1F0FFE196E}" = CCC Help Greek
    "{8376FC56-5456-DFF9-5C36-FAB3DE39F5DF}" = Catalyst Control Center Localization Norwegian
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{85B3880D-F0D2-A50C-1464-7EF646A1D21D}" = Catalyst Control Center Localization Danish
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8D0957A4-8EE7-E273-0BFC-9B235BEAA41A}" = CCC Help Dutch
    "{8D44F868-DA59-B1BF-CC33-58B0AF8E2E39}" = Catalyst Control Center Localization Chinese Traditional
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
    "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
    "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
    "{98CE8819-87AA-4814-8167-ADDDD513485F}" = PSE11 STI Installer
    "{9A3F65CA-78FA-4749-004B-23743CF642D1}" = Catalyst Control Center Localization Korean
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
    "{A5B13934-D1C9-D33B-982E-BB09A19C0F90}" = Catalyst Control Center Localization Finnish
    "{A60F4402-4CCE-E695-64C6-F0636ACC347F}" = CCC Help Italian
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A91A0484-8087-A838-9BA6-03374BE3F2CE}" = Catalyst Control Center Localization Russian
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AA725670-A7B4-D1B0-4EF5-F4B2E418C9F4}" = Catalyst Control Center Localization German
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.4
    "{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
    "{ADBE6E56-60E7-7FC3-467A-827987BE09CE}" = Catalyst Control Center Localization Swedish
    "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
    "{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
    "{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}" = Atheros Wi-Fi Protected Setup Library
    "{B1819DF7-D6B1-27AA-3A3B-6560C348C386}" = Catalyst Control Center Core Implementation
    "{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
    "{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
    "{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
    "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
    "{B9CD69C2-D14E-C499-C18B-7342E5FE245E}" = Catalyst Control Center Localization Chinese Standard
    "{BEFBEDDF-1417-4C8A-92FB-F003C0D41199}" = OpenOffice.org 3.2
    "{C1845647-AAD6-4126-9335-4922BA3B0423}" = QuickShare
    "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
    "{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
    "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
    "{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant
    "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D4D065E1-3ABF-41D0-B385-FC6F027F4D00}" = Elements 11 Organizer
    "{D58A1E94-9EEA-4C6E-B9FB-D7C63DC6C941}" = Catalyst Control Center - Branding
    "{D8F9F4CB-41A1-CF15-39A2-75F28E0B9991}" = CCC Help Korean
    "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
    "{DDA258BA-57D9-A76C-84CB-F19571A45FC8}" = ccc-utility
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DF73BEDD-8A09-A6E2-462B-3BDF398BAFB2}" = CCC Help Czech
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
    "{E3BE4671-254A-4104-9EED-69F821C4E9E1}" = My Photo Calendars and Cards
    "{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
    "{E70A3EE1-067D-8C6C-1C89-9F3A1BA4CF2C}" = Catalyst Control Center Graphics Light
    "{E87A8D96-5795-A788-18A2-3BCC20B09E7C}" = CCC Help Chinese Traditional
    "{EB295AF7-C2D1-D911-9E62-F288874B96F4}" = CCC Help Turkish
    "{EBCD5E4C-F14A-B147-39FE-906F75AC4ACE}" = CCC Help Russian
    "{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
    "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
    "{F36D6137-FD4C-1F67-7B2A-815BB05BB825}" = CCC Help German
    "{F84C1DC6-4B39-1A34-AD6E-A6EE49A3DD78}" = CCC Help Hungarian
    "{FA54202E-849F-4369-BAD9-B3CA15FE776E}_is1" = Side By Side Fix
    "{FD25927A-3487-43E5-857A-98C339D71D49}" = SHG Installation
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Photoshop Elements 11" = Adobe Photoshop Elements 11
    "AVG" = AVG 2013
    "Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
    "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
    "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212
    "Google Chrome" = Google Chrome
    "InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
    "InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
    "InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft SQL Server 2005" = Microsoft SQL Server 2005
    "MouseSuite98" = Mouse Suite
    "OnlinePlay" = OnlinePlay 1.0
    "PokerStars" = PokerStars
    "PROHYBRIDR" = 2007 Microsoft Office system
    "RSH Home Networking Wizard" = RSH Home Networking Wizard
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "TOSHIBA Software Modem" = TOSHIBA Software Modem
    "Uninstall_is1" = Uninstall 1.0.0.1
    "WiFiConnector" = Nintendo Wi-Fi USB Connector Registration Tool
    "Windows Media Encoder 9" = Windows Media Encoder 9 Series
    "WinLiveSuite" = Windows Live Essentials
    "World Gaming Center_is1" = World Gaming Center Version 2.1.2 + Emoticons + WGC Friends PBR
    "Yahoo! Messenger" = Yahoo! Messenger

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 06/02/2013 7:17:07 PM | Computer Name = Melody-PC | Source = Perflib | ID = 1010
    Description =

    Error - 06/02/2013 7:17:08 PM | Computer Name = Melody-PC | Source = Perflib | ID = 1008
    Description =

    Error - 06/02/2013 7:17:10 PM | Computer Name = Melody-PC | Source = Perflib | ID = 1008
    Description =

    Error - 06/02/2013 7:17:10 PM | Computer Name = Melody-PC | Source = Perflib | ID = 1010
    Description =

    Error - 06/02/2013 7:25:13 PM | Computer Name = Melody-PC | Source = Application Error | ID = 1000
    Description = Faulting application SecondLife.exe, version 3.4.2.4993, time stamp
    0x50aa99de, faulting module atioglxx.dll, version 6.14.10.6747, time stamp 0x46aab5eb,
    exception code 0xc0000005, fault offset 0x0038629a, process id 0x850, application
    start time 0x01ce04c12be3b1c2.

    Error - 06/02/2013 7:31:03 PM | Computer Name = Melody-PC | Source = Application Error | ID = 1000
    Description = Faulting application SecondLifeBetaViewer.exe, version 3.4.5.7890,
    time stamp 0x5111544d, faulting module atioglxx.dll, version 6.14.10.6747, time
    stamp 0x46aab5eb, exception code 0xc0000005, fault offset 0x0038629a, process id
    0x13a4, application start time 0x01ce04c1fddd6ae2.

    Error - 07/02/2013 11:42:38 AM | Computer Name = Melody-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 07/02/2013 11:42:41 AM | Computer Name = Melody-PC | Source = Application Error | ID = 1000
    Description = Faulting application ACDaemon.exe, version 1.1.0.49, time stamp 0x4cc808ec,
    faulting module ACDaemon.exe, version 1.1.0.49, time stamp 0x4cc808ec, exception
    code 0xc0000005, fault offset 0x0001af76, process id 0x554, application start time
    0x01ce0549ba33f8d5.

    Error - 07/02/2013 11:48:43 AM | Computer Name = Melody-PC | Source = LoadPerf | ID = 3012
    Description =

    Error - 07/02/2013 11:48:43 AM | Computer Name = Melody-PC | Source = LoadPerf | ID = 3011
    Description =

    [ System Events ]
    Error - 06/02/2013 6:14:18 PM | Computer Name = Melody-PC | Source = DCOM | ID = 10005
    Description =

    Error - 06/02/2013 6:14:46 PM | Computer Name = Melody-PC | Source = Service Control Manager | ID = 7001
    Description =

    Error - 06/02/2013 6:22:04 PM | Computer Name = Melody-PC | Source = Service Control Manager | ID = 7006
    Description =

    Error - 07/02/2013 12:01:11 AM | Computer Name = Melody-PC | Source = disk | ID = 262151
    Description = The device, \Device\Harddisk0\DR0, has a bad block.

    Error - 07/02/2013 1:05:54 AM | Computer Name = Melody-PC | Source = disk | ID = 262151
    Description = The device, \Device\Harddisk0\DR0, has a bad block.

    Error - 07/02/2013 1:09:08 AM | Computer Name = Melody-PC | Source = DCOM | ID = 10010
    Description =

    Error - 07/02/2013 1:09:15 AM | Computer Name = Melody-PC | Source = Service Control Manager | ID = 7006
    Description =

    Error - 07/02/2013 11:42:39 AM | Computer Name = Melody-PC | Source = Service Control Manager | ID = 7006
    Description =

    Error - 07/02/2013 11:42:39 AM | Computer Name = Melody-PC | Source = Service Control Manager | ID = 7006
    Description =

    Error - 07/02/2013 11:42:49 AM | Computer Name = Melody-PC | Source = ipnathlp | ID = 31004
    Description = The DNS proxy agent was unable to allocate 0 bytes of memory. This
    may indicate that the system is low on virtual memory, or that the memory manager
    has encountered an internal error.


    < End of report >
    Last edited by Jadyn; 02-07-2013 at 04:40 PM.

  10. #10
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    5,956
    Points
    1067

    Default

    Hi

    Run OTL again

    • Under the Custom Scans/Fixes box at the bottom, copy / and paste in the following. Just what's in the code box, not the word code.

      Code:
      :otL
      O4 - HKLM..\Run: [jswtrayutil] "C:\Program Files\Jumpstart\jswtrayutil.exe" File not found
      O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
      O4 - HKCU..\Run: [DealAssistant] C:\Users\Melody\AppData\Roaming\DealAssistant\dealassistant.exe File not found
      
      :files
      ipconfig /flushdns /c 
      
      :Commands
      [resethosts]
      [emptytemp]
      [CREATERESTOREPOINT]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
    Last edited by zep516; 02-07-2013 at 09:18 PM.




    Optimism is the faith that leads to achievement. Nothing can be done without hope and confidence.

Page 1 of 4 123 ... LastLast