Sponsored By

wybuckaroo

Members
  • Content Count

    13
  • Joined

  • Last visited

About wybuckaroo

  • Rank
    Member
  1. ok I have rebooted, seems a little slow right now but I will give it some time. What do I do next?
  2. All processes killed ========== OTL ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully. C:\Users\Coleen Wagner\AppData\Roaming\Mozilla\Extensions folder moved successfully. C:\Users\Coleen Wagner\AppData\Roaming\Mozilla\Firefox\Profiles\d4m1qp6g.default\extensions folder moved successfully. File C:\Users\Coleen Wagner\AppData\Roaming\Mozilla\Firefox\Profiles\d4m1qp6g.default\extensions\[email protected] not found. C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully. C:\Program Files\Mozilla Firefox\browser\extensions folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\zh_TW folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\zh_CN folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\vi folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\uk folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\tr folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\th folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sv folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sr folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sl folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sk folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ru folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ro folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\pt_PT folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\pt_BR folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\pl folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\no folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\nl folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ms folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\lv folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\lt folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ko folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ja folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\it folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\id folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\hu folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\hr folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\hi folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\he folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\fr folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\fil folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\fi folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\eu folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\et folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\es_419 folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\es folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\en_US folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\en_GB folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\el folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\de folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\da folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\cs folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ca folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\bg folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ar folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\zh_TW folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\zh_CN folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\vi folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\uk folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\tr folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\th folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\sv folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\sr folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\sl folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\sk folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\ru folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\ro folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\pt_PT folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\pt_BR folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\pl folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\nl folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\nb folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\lv folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\lt folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\ko folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\ja folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\it folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\id folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\hu folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\hr folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\hi folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\fr folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\fil folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\fi folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\et folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\es_419 folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\es folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\en_GB folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\en folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\el folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\de folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\da folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\cs folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\ca folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales\bg folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\_locales folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\images folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\html folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\css folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\__MACOSX\_locales folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\__MACOSX folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\zh_TW folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\zh_CN folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\vi folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\uk folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\tr folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\th folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\sr folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\sl folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\sk folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\se folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ru folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ro folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\pt_PT folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\pt_BR folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\pl folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\no folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\nl folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\lv folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\lt folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ko folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ja folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\it folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\id folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\hu folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\hr folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\hi folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\fr folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\fil folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\fi folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\es folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\en folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\el folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\de folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\da folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\cs folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ca folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\bg folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ar folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales folder moved successfully. C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 folder moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AVG-Secure-Search-Update_1113a deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. ========== COMMANDS ========== [EMPTYJAVA] User: All Users User: Coleen Wagner ->Java cache emptied: 160684 bytes User: Default User: Default User User: Public Total Java Files Cleaned = 0.00 mb [EMPTYFLASH] User: All Users User: Coleen Wagner ->Flash cache emptied: 9229 bytes User: Default User: Default User User: Public Total Flash Files Cleaned = 0.00 mb [EMPTYTEMP] User: All Users User: Coleen Wagner ->Temp folder emptied: 618232122 bytes ->Temporary Internet Files folder emptied: 209788732 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 86838680 bytes ->Google Chrome cache emptied: 14031311 bytes ->Flash cache emptied: 0 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 112992384 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 994.00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.69.0 log created on 12032013_212440 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot...
  3. ========== OTL ========== OTL by OldTimer - Version 3.2.69.0 log created on 12032013_211946
  4. OTL logfile created on: 12/3/2013 8:51:12 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Coleen Wagner\Downloads Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16428) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.96 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 52.80% Memory free 5.92 Gb Paging File | 4.46 Gb Available in Paging File | 75.23% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 297.99 Gb Total Space | 265.83 Gb Free Space | 89.21% Space Free | Partition Type: NTFS Computer Name: COLEENWAGNER-PC | User Name: Coleen Wagner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/12/03 20:51:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Coleen Wagner\Downloads\OTL.com PRC - [2013/12/03 20:46:40 | 000,891,200 | ---- | M] () -- C:\Users\Coleen Wagner\Downloads\SecurityCheck(1).exe PRC - [2013/11/18 21:59:36 | 000,590,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe PRC - [2013/11/17 10:17:24 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe PRC - [2013/11/15 21:02:34 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe PRC - [2013/11/07 22:03:50 | 004,956,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe PRC - [2013/11/07 22:00:48 | 000,680,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe PRC - [2013/11/06 19:15:32 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2013/10/28 23:24:02 | 000,729,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgrsx.exe PRC - [2013/10/28 23:17:36 | 000,892,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe PRC - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe PRC - [2013/08/01 17:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2013/04/04 14:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2013/02/01 19:27:40 | 000,045,056 | ---- | M] (Intuit) -- c:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010/11/20 05:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe PRC - [2010/05/21 16:19:52 | 000,598,696 | ---- | M] ( ) -- C:\Windows\System32\dleacoms.exe PRC - [2007/02/12 15:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Windows\System32\drivers\o2flash.exe ========== Modules (No Company Name) ========== MOD - [2013/12/03 20:46:40 | 000,891,200 | ---- | M] () -- C:\Users\Coleen Wagner\Downloads\SecurityCheck(1).exe MOD - [2013/11/17 10:17:23 | 016,237,448 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_152.dll MOD - [2013/11/15 21:02:34 | 003,363,952 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll ========== Services (SafeList) ========== SRV - [2013/11/29 13:06:39 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService) SRV - [2013/11/17 10:17:24 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent) SRV - [2013/10/28 14:42:42 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd) SRV - [2013/05/26 21:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2013/02/01 19:27:40 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- c:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService) SRV - [2010/05/21 16:19:52 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dleacoms.exe -- (dlea_device) SRV - [2010/05/21 16:19:46 | 000,193,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dleaserv.exe -- (dleaCATSCustConnectService) SRV - [2009/07/23 20:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- c:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService) SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2007/02/12 15:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\System32\drivers\o2flash.exe -- (O2FLASH) ========== Driver Services (SafeList) ========== DRV - [2013/12/03 20:31:37 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2013/11/05 21:50:48 | 000,120,600 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgdiskx.sys -- (Avgdiskx) DRV - [2013/11/04 21:57:30 | 000,209,176 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2013/10/31 23:00:28 | 000,176,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2013/10/31 22:30:08 | 000,222,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx) DRV - [2013/10/24 22:28:32 | 000,147,768 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX) DRV - [2013/10/01 00:49:38 | 000,102,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2013/09/17 00:57:26 | 000,022,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim) DRV - [2013/09/10 00:43:20 | 000,027,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2013/08/01 15:08:52 | 000,193,848 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2010/11/20 03:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010/11/20 02:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009/07/13 15:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) DRV - [2009/05/22 16:17:52 | 000,058,528 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2mdg.sys -- (O2MDGRDR) DRV - [2009/05/07 16:47:12 | 000,041,504 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2sdg.sys -- (O2SDGRDR) DRV - [2009/03/24 15:25:24 | 000,197,680 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2D 70 C9 04 67 D2 CE 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7NDKB_enUS559 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "msn.com" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\bebomedia.com/OfferMosquitoIEHelper: C:\Users\Coleen Wagner\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/03 20:56:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Coleen Wagner\AppData\Roaming\Mozilla\Extensions [2013/12/03 19:41:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Coleen Wagner\AppData\Roaming\Mozilla\Firefox\Profiles\d4m1qp6g.default\extensions [2013/11/13 09:30:48 | 000,004,379 | ---- | M] () (No name found) -- C:\Users\Coleen Wagner\AppData\Roaming\Mozilla\Firefox\Profiles\d4m1qp6g.default\extensions\[email protected] [2013/11/15 21:02:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013/11/15 21:02:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: Search (Enabled) CHR - default_search_provider: search_url = http://www.google.com CHR - default_search_provider: suggest_url = null, CHR - homepage: http://www.google.com CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: Error reading preferences file CHR - Extension: Google Docs = C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: No name found = C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google Search = C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Any New Tab = C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfenflmklmpohipcckmagnmbmbibnolo\1.0.0_0\ CHR - Extension: No name found = C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\ CHR - Extension: No name found = C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2009/06/10 14:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\31.0.1650.57\npchrome_frame.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKCU..\Run: [AVG-Secure-Search-Update_1113a] C:\Users\Coleen Wagner\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=a1dd6391707b47d3b6ed4105a31b2edf-b602d594afd2b0b327e07a06f36ca6a7e42546d0 /CMPID=1113a File not found O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKCU..\RunOnce: [Application Restart #1] C:\Program Files\Google\Chrome Frame\Application\chrome.exe (Google Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02ECEA61-086A-4675-BD33-B0527B65CCB6}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\31.0.1650.57\npchrome_frame.dll (Google Inc.) O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/12/03 20:29:40 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2013/12/03 20:29:40 | 000,000,000 | ---D | C] -- C:\Users\Coleen Wagner\AppData\Roaming\Malwarebytes [2013/12/03 20:29:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/12/03 20:29:34 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013/12/03 20:29:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013/12/03 20:29:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/12/03 19:49:18 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013/12/03 19:39:55 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2013/11/30 22:10:18 | 000,000,000 | ---D | C] -- C:\Users\Coleen Wagner\AppData\Roaming\MyTurboPC.com [2013/11/30 22:10:08 | 000,000,000 | ---D | C] -- C:\ProgramData\MyTurboPC.com [2013/11/30 15:53:06 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013/11/29 13:06:40 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013/11/29 13:06:40 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013/11/29 13:06:40 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll [2013/11/29 13:06:40 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2013/11/29 13:06:40 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe [2013/11/29 13:06:40 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsIntl.dll [2013/11/29 13:06:40 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2013/11/29 13:06:40 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013/11/29 13:06:40 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2013/11/29 13:06:40 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2013/11/29 13:06:40 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2013/11/29 13:06:40 | 000,238,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2013/11/29 13:06:40 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013/11/29 13:06:40 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013/11/29 13:06:40 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll [2013/11/29 13:06:40 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2013/11/29 13:06:40 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2013/11/29 13:06:40 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2013/11/29 13:06:40 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2013/11/29 13:06:40 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013/11/29 13:06:40 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2013/11/29 13:06:40 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2013/11/29 13:06:40 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013/11/29 13:06:40 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013/11/29 13:06:40 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [2013/11/29 13:06:40 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2013/11/29 13:06:40 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2013/11/29 13:06:39 | 004,240,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013/11/29 13:06:39 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll [2013/11/29 13:06:39 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013/11/29 13:06:39 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2013/11/29 13:06:39 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2013/11/29 13:06:39 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe [2013/11/29 13:06:39 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013/11/29 13:06:39 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2013/11/29 13:06:39 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll [2013/11/29 13:06:39 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2013/11/29 13:06:39 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll [2013/11/29 13:06:39 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2013/11/29 13:06:39 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2013/11/29 13:06:39 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2013/11/29 13:06:39 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2013/11/29 13:06:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll [2013/11/28 21:21:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2013/11/15 21:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013/11/13 19:30:56 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll [2013/11/13 19:30:55 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll [2013/11/13 19:30:50 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll [2013/11/13 19:30:50 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL [2013/11/13 19:30:43 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2013/11/13 19:30:43 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll [2013/11/09 20:25:03 | 000,000,000 | ---D | C] -- C:\Users\Coleen Wagner\AppData\Local\Macromedia [2013/11/06 19:15:32 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe [2013/11/06 19:15:07 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll [2013/11/06 19:15:07 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2013/11/06 19:15:07 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2013/11/06 19:15:07 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll [2013/11/06 19:15:07 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2013/11/06 19:15:07 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll [2013/11/06 19:15:07 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013/11/06 19:15:07 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013/11/06 19:15:07 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013/11/06 19:15:07 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll [2013/11/06 19:15:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll [2013/11/06 19:15:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013/11/06 19:15:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll [2013/11/06 19:15:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll [2013/11/06 19:15:07 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013/11/06 19:15:06 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2013/11/06 19:15:06 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2013/11/06 19:15:06 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll [2013/11/06 19:15:06 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2013/11/06 19:15:06 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll [2013/11/06 19:15:06 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2013/11/06 19:15:06 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll [2013/11/06 19:15:06 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2013/11/06 19:15:05 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll [2013/11/06 19:13:01 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll [2013/11/06 18:31:57 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys [2013/11/06 18:31:57 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys [2013/11/06 18:31:52 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys [2013/11/06 18:28:55 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OxpsConverter.exe [2013/11/06 18:28:33 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys [2013/11/06 18:28:32 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll [2013/11/06 18:28:31 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll [2013/11/06 18:28:26 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll [2013/11/06 18:28:17 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2013/11/06 18:28:16 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2013/11/06 18:28:15 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll [2013/11/06 18:28:09 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe [2013/11/06 18:28:09 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll [2013/11/06 18:28:03 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll [2013/11/06 18:28:00 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2013/11/06 18:28:00 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2013/11/06 18:28:00 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2013/11/06 18:28:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll [2013/11/06 18:27:57 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll [2013/11/06 18:27:57 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll [2013/11/06 18:27:56 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll [2013/11/06 18:27:21 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll [2013/11/06 18:27:18 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL [2013/11/06 18:26:48 | 002,348,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013/11/06 18:26:05 | 000,133,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys [2013/11/06 18:25:39 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll [2013/11/06 18:25:39 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll [2013/11/06 18:25:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2013/11/06 18:25:13 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe [2013/11/06 18:25:13 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2013/11/06 18:25:13 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll [2013/11/06 18:25:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [2013/11/06 18:25:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll [2013/11/06 18:25:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [2013/11/06 18:25:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll [2013/11/06 18:25:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [2013/11/06 18:25:12 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll [2013/11/06 18:25:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [2013/11/06 18:25:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [2013/11/06 18:25:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll [2013/11/06 18:25:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [2013/11/06 18:25:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll [2013/11/06 18:25:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll [2013/11/06 18:25:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [2013/11/06 18:25:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll [2013/11/06 18:25:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [2013/11/06 18:25:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [2013/11/06 18:25:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll [2013/11/06 18:25:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll [2013/11/06 18:25:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll [2013/11/06 18:25:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll [2013/11/06 18:25:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll [2013/11/06 18:25:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll [2013/11/06 18:25:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [2013/11/06 18:25:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll [2013/11/06 18:25:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll [2013/11/06 18:25:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll [2013/11/06 18:25:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll [2013/11/06 18:16:25 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2013/11/05 21:50:48 | 000,120,600 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgdiskx.sys [2013/11/04 21:57:30 | 000,209,176 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsdriverx.sys [2013/11/04 21:43:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview [2013/11/04 21:42:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders [2013/11/03 20:56:33 | 000,000,000 | ---D | C] -- C:\Users\Coleen Wagner\AppData\Roaming\Mozilla [2013/11/03 20:56:33 | 000,000,000 | ---D | C] -- C:\Users\Coleen Wagner\AppData\Local\Mozilla [2013/11/03 20:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla ========== Files - Modified Within 30 Days ========== [2013/12/03 20:42:01 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/12/03 20:31:37 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2013/12/03 20:29:35 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/12/03 20:17:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/12/03 19:49:43 | 000,014,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/12/03 19:49:43 | 000,014,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/12/03 19:46:50 | 000,624,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013/12/03 19:46:50 | 000,106,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013/12/03 19:42:39 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/12/03 19:42:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/12/03 19:42:30 | 2385,211,392 | -HS- | M] () -- C:\hiberfil.sys [2013/11/30 15:53:03 | 239,023,850 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013/11/29 13:06:40 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013/11/29 13:06:40 | 001,926,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013/11/29 13:06:40 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll [2013/11/29 13:06:40 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2013/11/29 13:06:40 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe [2013/11/29 13:06:40 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsIntl.dll [2013/11/29 13:06:40 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2013/11/29 13:06:40 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013/11/29 13:06:40 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2013/11/29 13:06:40 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2013/11/29 13:06:40 | 000,244,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2013/11/29 13:06:40 | 000,238,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2013/11/29 13:06:40 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013/11/29 13:06:40 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013/11/29 13:06:40 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll [2013/11/29 13:06:40 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2013/11/29 13:06:40 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2013/11/29 13:06:40 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2013/11/29 13:06:40 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2013/11/29 13:06:40 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013/11/29 13:06:40 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2013/11/29 13:06:40 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2013/11/29 13:06:40 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013/11/29 13:06:40 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013/11/29 13:06:40 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [2013/11/29 13:06:40 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2013/11/29 13:06:40 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2013/11/29 13:06:40 | 000,016,284 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2013/11/29 13:06:39 | 004,240,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013/11/29 13:06:39 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll [2013/11/29 13:06:39 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013/11/29 13:06:39 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2013/11/29 13:06:39 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2013/11/29 13:06:39 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe [2013/11/29 13:06:39 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013/11/29 13:06:39 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2013/11/29 13:06:39 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll [2013/11/29 13:06:39 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2013/11/29 13:06:39 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll [2013/11/29 13:06:39 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2013/11/29 13:06:39 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2013/11/29 13:06:39 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2013/11/29 13:06:39 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2013/11/29 13:06:39 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll [2013/11/28 21:21:16 | 000,000,935 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk [2013/11/17 10:17:24 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013/11/17 10:17:24 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013/11/17 09:25:24 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013/11/11 14:38:44 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013/11/06 20:53:41 | 000,281,968 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013/11/06 19:15:32 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe [2013/11/06 19:15:07 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll [2013/11/06 19:15:07 | 001,247,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2013/11/06 19:15:07 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2013/11/06 19:15:07 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll [2013/11/06 19:15:07 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2013/11/06 19:15:07 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll [2013/11/06 19:15:07 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013/11/06 19:15:07 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013/11/06 19:15:07 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013/11/06 19:15:07 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll [2013/11/06 19:15:07 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll [2013/11/06 19:15:07 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013/11/06 19:15:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll [2013/11/06 19:15:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll [2013/11/06 19:15:07 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013/11/06 19:15:06 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2013/11/06 19:15:06 | 001,988,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2013/11/06 19:15:06 | 001,080,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll [2013/11/06 19:15:06 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2013/11/06 19:15:06 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll [2013/11/06 19:15:06 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2013/11/06 19:15:06 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll [2013/11/06 19:15:06 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2013/11/06 19:15:05 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll [2013/11/06 19:13:01 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll [2013/11/05 21:50:48 | 000,120,600 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgdiskx.sys [2013/11/04 21:57:30 | 000,209,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsdriverx.sys [2013/11/04 21:55:24 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll [2013/11/03 20:56:26 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk ========== Files Created - No Company Name ========== [2013/12/03 20:29:35 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/11/30 15:53:02 | 239,023,850 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013/11/29 13:06:40 | 000,016,284 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2013/11/11 14:38:44 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013/11/03 20:56:26 | 000,001,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013/11/03 20:56:26 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013/10/27 08:26:24 | 000,000,428 | ---- | C] () -- C:\Users\Coleen Wagner\Deaver-Frannie Cemetery District.ND [2013/10/27 08:26:23 | 011,653,120 | R--- | C] () -- C:\Users\Coleen Wagner\Deaver-Frannie Cemetery District.QBW [2013/10/26 18:06:00 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini [2013/10/26 10:12:31 | 000,442,368 | ---- | C] ( ) -- C:\Windows\System32\dleacoin.dll [2013/10/26 10:12:31 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dleavs.dll [2013/10/26 10:12:30 | 000,294,912 | ---- | C] () -- C:\Windows\System32\dleacui.dll [2013/10/26 10:12:30 | 000,110,592 | ---- | C] () -- C:\Windows\System32\dleacuir.dll [2013/10/26 10:12:30 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dleagcfg.dll [2013/10/26 10:12:24 | 000,372,736 | ---- | C] () -- C:\Windows\System32\DLEAwupd.dll [2013/10/26 10:12:24 | 000,213,672 | ---- | C] () -- C:\Windows\System32\DLEAwupd.exe [2013/10/26 10:12:05 | 001,048,576 | ---- | C] ( ) -- C:\Windows\System32\dleaserv.dll [2013/10/26 10:12:05 | 000,847,872 | ---- | C] ( ) -- C:\Windows\System32\dleausb1.dll [2013/10/26 10:12:05 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\dleainpa.dll [2013/10/26 10:12:05 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\DLEAhcp.dll [2013/10/26 10:12:05 | 000,344,064 | ---- | C] ( ) -- C:\Windows\System32\dleaiesc.dll [2013/10/26 10:12:05 | 000,331,776 | ---- | C] () -- C:\Windows\System32\DLEAinst.dll [2013/10/26 10:12:04 | 000,802,816 | ---- | C] ( ) -- C:\Windows\System32\dleacomc.dll [2013/10/26 10:12:04 | 000,688,128 | ---- | C] ( ) -- C:\Windows\System32\dleahbn3.dll [2013/10/26 10:12:04 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dleapmui.dll [2013/10/26 10:12:04 | 000,598,696 | ---- | C] ( ) -- C:\Windows\System32\dleacoms.exe [2013/10/26 10:12:04 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\dlealmpm.dll [2013/10/26 10:12:04 | 000,373,416 | ---- | C] ( ) -- C:\Windows\System32\dleacfg.exe [2013/10/26 10:12:04 | 000,372,736 | ---- | C] ( ) -- C:\Windows\System32\dleacomm.dll [2013/10/26 10:12:04 | 000,324,264 | ---- | C] ( ) -- C:\Windows\System32\dleaih.exe [2013/10/26 10:12:04 | 000,323,584 | ---- | C] () -- C:\Windows\System32\dleains.dll [2013/10/26 10:12:04 | 000,262,144 | ---- | C] () -- C:\Windows\System32\dleainsb.dll [2013/10/26 10:12:04 | 000,253,952 | ---- | C] () -- C:\Windows\System32\dleacu.dll [2013/10/26 10:12:04 | 000,208,896 | ---- | C] () -- C:\Windows\System32\dleagrd.dll [2013/10/26 10:12:04 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dleainsr.dll [2013/10/26 10:12:04 | 000,090,112 | ---- | C] () -- C:\Windows\System32\dleacub.dll [2013/10/26 10:12:04 | 000,086,180 | ---- | C] () -- C:\Windows\System32\DLEAcfg.dll [2013/10/26 10:12:04 | 000,057,344 | ---- | C] () -- C:\Windows\System32\dleajswr.dll [2013/10/26 10:12:04 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dleacur.dll [2013/10/26 10:11:56 | 000,299,008 | ---- | C] () -- C:\Windows\System32\DLEAsm.dll [2013/10/26 10:11:56 | 000,028,672 | ---- | C] () -- C:\Windows\System32\DLEAsmr.dll [2013/10/26 09:20:40 | 000,103,272 | ---- | C] () -- C:\Users\Coleen Wagner\GoToAssistDownloadHelper.exe ========== ZeroAccess Check ========== [2009/07/13 21:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 18:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report >
  5. OTL Extras logfile created on: 12/3/2013 8:51:12 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Coleen Wagner\Downloads Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16428) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.96 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 52.80% Memory free 5.92 Gb Paging File | 4.46 Gb Available in Paging File | 75.23% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 297.99 Gb Total Space | 265.83 Gb Free Space | 89.21% Space Free | Partition Type: NTFS Computer Name: COLEENWAGNER-PC | User Name: Coleen Wagner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{037AFA5F-D5BE-4A93-8941-83B1E76C7F05}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{10B06FF7-9514-4F40-B1A3-72BD18BAE905}" = rport=10243 | protocol=6 | dir=out | app=system | "{1C71840A-69C8-4E9D-B9FF-4D51AAE72B18}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2DF5E366-9123-4E58-8E87-ECF814BB5E1E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{60FF4533-B463-4254-859A-77F73BF7BBC1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6C1EFBA8-403D-41AE-B0AC-89AB7D8294E6}" = lport=445 | protocol=6 | dir=in | app=system | "{81A85D88-9D81-4160-B656-568045695BBE}" = rport=138 | protocol=17 | dir=out | app=system | "{82FB23C4-CA49-40DC-B12A-72003AA0DD4E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | "{833BDDAF-4284-4B2B-80A4-46736F911715}" = rport=445 | protocol=6 | dir=out | app=system | "{95679C95-C088-4E2C-8F08-9630702F00D4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A35F9875-0922-4D64-BA73-A8B6F195514A}" = lport=138 | protocol=17 | dir=in | app=system | "{CDE1BE9E-A275-4AFC-BB7F-2EDBA8449357}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CF0FFACD-81C6-455C-8BE2-A9072D2FD7E1}" = rport=139 | protocol=6 | dir=out | app=system | "{DD0C2D49-8B42-4958-813A-FD64A69FE33E}" = lport=10243 | protocol=6 | dir=in | app=system | "{E13A4534-2083-4209-8F88-B8652AB071EC}" = lport=137 | protocol=17 | dir=in | app=system | "{EBE09A80-D8A9-4B15-B260-8576A17CD748}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{EC80866F-7A3C-4FEE-8A77-0B80E1619EE5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F7556C98-604D-4530-9B24-541EBDAA6490}" = lport=139 | protocol=6 | dir=in | app=system | "{FAF084DB-8FFA-4ABD-AABF-106715DD0EAB}" = rport=137 | protocol=17 | dir=out | app=system | "{FBEF68FF-CF0A-4BEA-B019-B646D8CE6A5C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{FEAC9F52-FCBD-4042-A9BD-60C0CD5BCE2B}" = lport=2869 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02ACDABC-73F7-42F4-AC62-DE06D8812575}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe | "{06674719-8037-400A-A556-FD106DB8899B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{115AC56D-A06C-4474-BACC-ED9DFE463FC0}" = dir=in | app=c:\windows\system32\dleacoms.exe | "{11D0B6F3-679C-4281-B14A-02661250EF29}" = protocol=1 | dir=out | [email protected],-28544 | "{18B1A8E9-360C-435B-B581-A2B96B5B42B5}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe | "{29C89E5A-3D4A-4D8B-BE86-78BD66DA4FB5}" = protocol=6 | dir=out | app=system | "{2EB56FEF-1CF6-4438-A1F5-C147D018B6E4}" = protocol=58 | dir=out | [email protected],-28546 | "{391D28E4-0C79-43AB-96F2-183E111F9B19}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe | "{3D62FDD0-2E21-4A02-A1CE-B9D45D7F03AC}" = protocol=1 | dir=in | [email protected],-28543 | "{400861CA-B1FB-4AAA-8F99-2FFB75552D33}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4D3A9243-C628-4F42-967D-82C9686DA309}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{73853E6A-3290-48F2-80A3-010250BB5E03}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{8895DBFA-B00B-42B4-AED9-118BCD2CD5FA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{8AF9E195-8AEF-40F2-8D59-FA85D1397958}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{9D555E1C-CB3F-42CD-9CAD-9A51864A4428}" = protocol=58 | dir=in | [email protected],-28545 | "{AB36FD86-F7DD-4948-A03A-F94D5CCB4AB6}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgemcx.exe | "{AC662F72-DDEC-45E9-AC75-455A3574573A}" = dir=in | app=c:\windows\system32\dleacoms.exe | "{B39E3962-7206-4125-A027-D2D06A371A81}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe | "{BA6E4CD3-54AE-41E3-B11D-C1D6F813E190}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgemcx.exe | "{C30EC9CA-17AC-47CD-AEAE-DB8BCBA482B6}" = dir=in | app=c:\windows\system32\dleacoms.exe | "{C9C08597-9469-4A77-84A9-E135D4A61751}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe | "{CB015494-4B4A-4F05-9499-FCD7E637CCE7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{D719E97E-ED89-49F8-A133-E097508D9091}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe | "{DF1B0126-8752-4696-A1E3-8AA6CD0980D7}" = dir=in | app=c:\windows\system32\dleacoms.exe | "{E2EBE4E5-5BC0-4C3F-914B-F05F544AD49A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{E3987087-6CF0-4D7D-B550-4809874D7EAF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{EA291D49-EECA-49AE-B269-86E6DB2C8B5F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F31EC0C8-D0DB-4187-9CE6-2EA2413E338B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02A5C383-FE94-3B52-9627-CE70B9301A0F}" = Google Chrome Frame "{06A9E630-DBA6-4D92-9DE7-A235AA6496C7}" = QuickBooks "{0700E22B-A419-40A5-BD20-04BF618CA0F9}" = QuickBooks Simple Start 2010 Free Edition "{0CFC5C64-A7D1-42C0-B8BF-03DFF0E6C54E}" = QuickBooks File Doctor "{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45 "{3B97ADB7-3DA1-4964-BC10-68384BA6A66F}" = AVG 2014 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{82FB6F62-1EFC-4916-AA2C-19DC9EFCE978}" = AVG 2014 "{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{B0585E15-E03C-4F62-B20E-84639D4A01E5}" = Dell Backup and Recovery Manager "{B066A843-8978-4501-A900-A28C5EFE148B}" = O2Micro Flash Memory Card Windows Driver "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AVG" = AVG 2014 "Dell V310-V510 Series" = Dell V310-V510 Series "Google Chrome" = Google Chrome "InstallShield_{B066A843-8978-4501-A900-A28C5EFE148B}" = O2Micro Flash Memory Card Windows Driver "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 25.0.1 (x86 en-US)" = Mozilla Firefox 25.0.1 (x86 en-US) ========== Last 20 Event Log Errors ========== [ System Events ] Error - 12/3/2013 11:19:39 PM | Computer Name = ColeenWagner-PC | Source = DCOM | ID = 10010 Description = < End of report >
  6. I wont let me install the security check it says UNSUPPORTED OPERATING SYSTEM! ABORTED!
  7. ok so I think I ran all of the items.....what do you think?
  8. Malwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Database version: v2013.12.04.01 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 11.0.9600.16428 Coleen Wagner :: COLEENWAGNER-PC [administrator] Protection: Enabled 12/3/2013 8:31:45 PM mbam-log-2013-12-03 (20-31-45).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 193326 Time elapsed: 5 minute(s), 56 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  9. It is not on my add/remove uninstall panel :-) must be goooonnneeee!
  10. Chuck, I don't think I installed the OfferMosquito software. Coleen
  11. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.0.8 (11.05.2013:1) OS: Windows 7 Home Premium x86 Ran by Coleen Wagner on Tue 12/03/2013 at 19:49:19.72 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup-r887-n-bi[1]_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup-r887-n-bi[1]_RASMANCS ~~~ Files ~~~ Folders ~~~ FireFox Emptied folder: C:\Users\Coleen Wagner\AppData\Roaming\mozilla\firefox\profiles\d4m1qp6g.default\minidumps [8 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Tue 12/03/2013 at 19:52:11.82 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  12. # AdwCleaner v3.014 - Report created 03/12/2013 at 19:41:06 # Updated 01/12/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (32 bits) # Username : Coleen Wagner - COLEENWAGNER-PC # Running from : C:\Users\Coleen Wagner\Downloads\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\Coleen Wagner\AppData\Local\ext_offermosquito Folder Deleted : C:\Users\Coleen Wagner\AppData\Roaming\Common\LuaRT Folder Deleted : C:\Users\Coleen Wagner\AppData\Roaming\DataMgr Folder Deleted : C:\Users\Coleen Wagner\AppData\Roaming\DriverCure Folder Deleted : C:\Users\Coleen Wagner\AppData\Roaming\Intermediate Folder Deleted : C:\Users\Coleen Wagner\AppData\Roaming\SCheck Folder Deleted : C:\Users\Coleen Wagner\AppData\Roaming\Snz Folder Deleted : C:\Users\Coleen Wagner\AppData\Roaming\SSync Folder Deleted : C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk File Deleted : C:\Users\Coleen Wagner\AppData\Roaming\Mozilla\Firefox\Profiles\d4m1qp6g.default\Extensions\[email protected] File Deleted : C:\Users\Coleen Wagner\AppData\Local\omesuperv.exe File Deleted : C:\Users\Coleen Wagner\AppData\Roaming\Mozilla\Firefox\Profiles\d4m1qp6g.default\searchplugins\search.xml ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\Google\Chrome\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk Key Deleted : HKCU\Software\Classes\iLivid.torrent Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [DataMgr] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iLivid] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [intermediate] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [OMESupervisor] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [scheck] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [snoozer] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ssync] Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_quickbooks-simple-start[1]_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_quickbooks-simple-start[1]_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82B16A3D-F03E-4565-A532-666B219C9A53} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82B16A3D-F03E-4565-A532-666B219C9A53} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82B16A3D-F03E-4565-A532-666B219C9A53} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82B16A3D-F03E-4565-A532-666B219C9A53} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\AVG SafeGuard toolbar Key Deleted : HKCU\Software\ilivid Key Deleted : HKCU\Software\OfferMosquito Key Deleted : HKCU\Software\Protector Key Deleted : HKCU\Software\Softonic Key Deleted : HKLM\Software\AVG SafeGuard toolbar Key Deleted : HKLM\Software\AVG Security Toolbar Key Deleted : HKLM\Software\systweak ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16428 -\\ Mozilla Firefox v25.0.1 (en-US) [ File : C:\Users\Coleen Wagner\AppData\Roaming\Mozilla\Firefox\Profiles\d4m1qp6g.default\prefs.js ] Line Deleted : user_pref("om.config", "{\"active\":true,\"name\":\"october2013\",\"id\":35,\"dispId\":\"CH-35\",\"aboutLink\":\"\",\"trackingGeneral\":false,\"xhrDomains\":[\"become\",\"shopzilla\",\"twenga\",\"bizr[...] -\\ Google Chrome v31.0.1650.57 [ File : C:\Users\Coleen Wagner\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted : homepage Deleted : icon_url Deleted : search_url Deleted : urls_to_restore_on_startup ************************* AdwCleaner[R0].txt - [4456 octets] - [03/12/2013 19:40:09] AdwCleaner[s0].txt - [4485 octets] - [03/12/2013 19:41:06] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4545 octets] ##########
  13. I have a virus on my computer I have a box that keeps popping up wanting me to download a Xvid Video player. Help!