SpyWare BeWare! ASAP
June 25, 2017, 02:12:11 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News:
 
   Home   Help Search Calendar Donations Login Register Chat  



Google It!
Pages: [1] 2 3   Go Down
  Print  
Author Topic: wgsdgsdgdsgsd.dll.... FBI MoneyPak Ransomware or the Reveton Trojan  (Read 4338 times)
0 Members and 1 Guest are viewing this topic.
pennylane821
Newbie
*
Offline Offline

Gender: Female
Date Registered:January 21, 2013, 05:15:53 PM
Posts: 23


"I'll see you on the dark side of the moon...."


« on: January 21, 2013, 06:21:06 PM »

I am at a loss trying to figure out what is going on with my computer... when it FINALLY starts up it gives me an error message (there has been two different ones) ... I am really worried because I was infected last year with a trojan and it "hid" ALL of my files... we backed them up on an external hard drive then wiped it clean... When this started working I sent a screenshot to my brother only to have him confirm that the error message is most definitely that of another virus so I went to justcloud.com and started backing up all of my files, etc... I just hope I am not backing up the virus.  I have run AVG a number of times and the most recent scan put two different "threats" in the virus vault... I also did the "freefix" thing but that was no help.. attached are screen shots of avg completion report and error messages...  any help would be greatly appreciated and compensated....
Logged
Corrine
Administrator
Hero Member
*****
Offline Offline

Date Registered:March 06, 2004, 10:01:51 AM
Posts: 1900


The Mystical Rose


WWW
« Reply #1 on: January 21, 2013, 09:24:36 PM »

Hi, pennylane821.  Welcome to SpyWareBeWare.

It is too bad you didn't come here when you got the rogue that hid your files.  We would have been able to help.  Anyway, in order for you to receive assistance, additional information is needed.  Please follow the instructions here:  Please Start HERE!

Please Start HERE!
Logged

,  

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.
pennylane821
Newbie
*
Offline Offline

Gender: Female
Date Registered:January 21, 2013, 05:15:53 PM
Posts: 23


"I'll see you on the dark side of the moon...."


« Reply #2 on: February 20, 2013, 06:48:36 PM »

I have deleted everything that I can find that involves any sort of "torrent" but it still shows up... I can't figure out how to delete the toolbar...

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6000.16982  BrowserJavaVersion: 10.9.2
Run by Melissa Bodine at 17:42:26 on 2013-02-20
Microsoft® Windows Vista™ Home Premium   6.0.6000.0.1252.1.1033.18.3032.1344 [GMT -6:00]
.
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Melissa Bodine\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\JustCloud\JustCloud.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Users\Melissa Bodine\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Brand Affinity Technologies\Fantapper Player\FantapperUpdateService.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\JustCloud\BackupStack.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_168.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_168.exe
C:\Program Files\Microsoft Office\Office12\MSPUB.EXE
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?babsrc=HP_Prot
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} -
mURLSearchHooks: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} -
BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
BHO: I Want This: {11111111-1111-1111-1111-110011221158} -
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Wincore Mediabar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} -
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Fantapper: {8A86D350-37AB-410A-8531-7D1363F317B3} - c:\program files\brand affinity technologies\fantapper player\\IEInstaller.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.2.0.1\AVG Secure Search_toolbar.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program files\yontoo\YontooIEClient.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: BitTorrentControl_v12 Toolbar: {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} -
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: Wincore Mediabar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} -
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.2.0.1\AVG Secure Search_toolbar.dll
TB: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} -
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Google Update] "c:\users\melissa bodine\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop elements 5.0\apdproxy.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\meliss~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\justcl~1.lnk - c:\program files\justcloud\JustCloud.exe
StartupFolder: c:\users\meliss~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\runctf.lnk - c:\windows\system32\rundll32.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-7760-000000000003}\_SC_Acrobat.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobea~2.lnk - c:\program files\adobe\acrobat 8.0\acrobat\AdobeCollabSync.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 172.16.0.1
TCP: Interfaces\{45E155ED-3E31-491B-85EC-99CB23007C90} : DHCPNameServer = 172.16.0.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\14.2.0\ViProtocol.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs=   
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\melissa bodine\appdata\roaming\mozilla\firefox\profiles\awu69gy8.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxps://isearch.avg.com/search?cid={886F4E32-CF75-48F1-873E-995A1DE92691}&mid=19a4c4d07c4147d18f2c1d955f2f7fa6-e9ace9bb0cf9b350409bebb1e50452052adfb509&lang=en&ds=ft011&pr=sa&d=2012-07-14 11:24:52&v=12.2.5.32&sap=ku&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\14.2.0\npsitesafety.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\users\melissa bodine\appdata\local\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_168.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - plugin: c:\windows\system32\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(extentions.y2layers.installId, 8a29b8cd-19bd-4459-adce-896a0ea3b7d2
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,Buzzdock,
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-11-8 250080]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-8-24 301920]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-4 33112]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-11-2 5174392]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R2 BackupStack;Computer Backup (JustCloud);c:\program files\justcloud\BackupStack.exe [2013-1-8 32808]
R2 FTSvc;Fantapper Player Update Service;c:\program files\brand affinity technologies\fantapper player\FantapperUpdateService.exe [2011-12-20 11776]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\14.2.0\ToolbarUpdater.exe [2013-2-19 968880]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-12-10 142176]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2012-1-29 122880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 OKI OPHD DCS Loader;OKI OPHD DCS Loader;c:\windows\system32\spool\drivers\w32x86\3\OPHDLDCS.EXE [2006-12-29 24576]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2006-11-2 19968]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="c:\program files\adobe\adobe dreamweaver cs3\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-02-12 19:52:54   --------   d-----w-   c:\users\melissa bodine\appdata\local\HP
2013-01-22 22:53:04   --------   d-----w-   c:\programdata\Brother
.
==================== Find3M  ====================
.
2013-02-19 17:41:08   33112   ----a-w-   c:\windows\system32\drivers\avgtpx86.sys
2013-02-14 15:33:10   71024   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-14 15:33:10   691568   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2012-12-10 09:28:36   142176   ----a-w-   c:\windows\system32\drivers\avgidsdriverx.sys
.
============= FINISH: 17:43:52.94 ===============
Logged
pennylane821
Newbie
*
Offline Offline

Gender: Female
Date Registered:January 21, 2013, 05:15:53 PM
Posts: 23


"I'll see you on the dark side of the moon...."


« Reply #3 on: February 20, 2013, 06:49:58 PM »

I hope I am doing this right...

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 1/29/2012 1:38:24 AM
System Uptime: 2/20/2013 2:18:00 PM (3 hours ago)
.
Motherboard: Dell Inc. |  | 0D176M
Processor: Pentium(R) Dual-Core CPU       T4400  @ 2.20GHz | U2E1 | 1200/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 233 GiB total, 133.532 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Ethernet Controller
Device ID: PCI\VEN_14E4&DEV_1698&SUBSYS_02BE1028&REV_10\4&2BCEBCDB&0&00E5
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_14E4&DEV_1698&SUBSYS_02BE1028&REV_10\4&2BCEBCDB&0&00E5
Service:
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_02BE1028&REV_12\4&31FC8C23&0&0AF0
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_02BE1028&REV_12\4&31FC8C23&0&0AF0
Service:
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_02BE1028&REV_12\4&31FC8C23&0&0BF0
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_02BE1028&REV_12\4&31FC8C23&0&0BF0
Service:
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_0852&SUBSYS_02BE1028&REV_12\4&31FC8C23&0&0CF0
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_0852&SUBSYS_02BE1028&REV_12\4&31FC8C23&0&0CF0
Service:
.
Class GUID:
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_02BE1028&REV_03\3&11583659&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_02BE1028&REV_03\3&11583659&0&FB
Service:
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
Add or Remove Adobe Creative Suite 3 Web Premium
Adobe Acrobat 8 Professional
Adobe Acrobat Connect Add-in
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Common File Installer
Adobe Contribute CS3
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Center 2.1
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Photoshop Elements 5.0
Adobe Premiere Elements 3.0.2
Adobe Premiere Elements 3.0.2 Templates
Adobe Reader X (10.1.3)
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Version Cue CS3 Server
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
AHV content for Acrobat and Flash
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2012
AVG Security Toolbar
BitTorrentControl_v12 Toolbar
Bonjour
Business Contact Manager for Outlook 2007 SP2
Canon Easy-WebPrint EX
Canon MP Navigator EX 3.1
Canon MX340 series MP Drivers
Canon MX340 series User Registration
Canon Speed Dial Utility
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Corel Graphics - Windows Shell Extension
CorelDRAW Graphics Suite X6
CorelDRAW Graphics Suite X6 - Capture
CorelDRAW Graphics Suite X6 - Common
CorelDRAW Graphics Suite X6 - Connect
CorelDRAW Graphics Suite X6 - Custom Data
CorelDRAW Graphics Suite X6 - Draw
CorelDRAW Graphics Suite X6 - EN
CorelDRAW Graphics Suite X6 - Filters
CorelDRAW Graphics Suite X6 - FontNav
CorelDRAW Graphics Suite X6 - IPM
CorelDRAW Graphics Suite X6 - PHOTO-PAINT
CorelDRAW Graphics Suite X6 - Photozoom Plugin
CorelDRAW Graphics Suite X6 - Redist
CorelDRAW Graphics Suite X6 - Setup Files
CorelDRAW Graphics Suite X6 - VBA
CorelDRAW Graphics Suite X6 - VideoBrowser
CorelDRAW Graphics Suite X6 - VSTA
CorelDRAW Graphics Suite X6 - Writing Tools
Fantapper Player
File Type Assistant
Free File Viewer 2011
FreeFixer
GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)
Google Chrome
Google Earth
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
I Want This
Intel(R) Graphics Media Accelerator Driver
Intel(R) TV Wizard
iTunes
Java 7 Update 9
Java Auto Updater
JustCloud
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual Basic for Applications 7.1 (x86)
Microsoft Visual Basic for Applications 7.1 (x86) English
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Mozilla Firefox 19.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
PDF Settings
PhotoScape
Picasa 3
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
System Requirements Lab
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition
Yontoo 1.10.02
.
==== End Of File ===========================
Logged
melboy
Moderator
Hero Member
*****
Offline Offline

Date Registered:April 02, 2009, 02:56:03 AM
Posts: 756



« Reply #4 on: February 22, 2013, 12:40:32 PM »

Hi and welcome to the SWBW forums.  Smiley

I'm melboy and I am going to try to help you with your problem. Please take note of the following:

  • I will be working on your Malware issues this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • If you don't know or understand something, please don't hesitate to ask.
  • Please refrain from making any further changes to your computer (Install/Uninstall programs, delete files, edit the registry, etc...)
  • Please DO NOT run any other tools or scans whilst I am helping you.
  • It is important that you reply to this thread. Do not start a new topic.
  • DO NOT attach logs unless requested to. Please copy/paste all requested logs into your replies.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Absence of symptoms does not mean that everything is clear.
.

IMPORTANT: Please take time to read this topic where the Forum Guidelines are explained.

NOTE: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.


No Reply Within 3 Days Will Result In Your Topic Being Closed!! If you need more time, please inform me.


==================================


Uninstall Programs

  • Go to start > control panel > programs and features.
  • Right click on each instance of:
Quote
BitTorrentControl_v12 Toolbar
Fantapper Player
I Want This
Java 7 Update 9
Java Auto Updater
Yontoo 1.10.02

  • Click Uninstall & then follow the prompts to remove it.
.


Update Adobe Reader

Your Adobe Reader is out of date.
Older versions may have vulnerabilities that malware can use to infect your system.

  • Using the internal updater ensure the software is updated to the current increment 10.1.5
  • Open Adobe Reader go to > Help > Check for updates and allow the updater to check.
  • Click to download and install any necessary updates.
.


Update Java Runtime

You are using an old version of Java. Oracle's Java (Was Sun Java) is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program up to date, and also remove the older more vulnerable versions from your system. The most current version of Oracle Java is:
Java Runtime Environment Version 7 Update 15.

  • Go to Oracle Java
  • Scroll down to where it says "Java Platform, Standard Edition. Java SE 7 Update 15"
  • Click the Download JRE button to the right.
  • Check the box to Accept License Agreement
  • In the list of files, Look to Windows x86 Offline & click on the link to the right which says "jre-7u15-windows-i586.exe" and save the downloaded file to your desktop.
  • Install the new version by running the newly-downloaded file with the java icon which will be at your desktop, and follow the on-screen instructions.
.

Reboot your computer



OTL

Download OTL by Old Timer and save it to your Desktop.

  • Double click on OTL.exe to run it.
  • Allow any UAC prompt.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When done, two Notepad files will open.
  • OTL.txt <-- Will be opened
  • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.
.


CKScanner

Download CKScanner from here

  • Important - Save it to your desktop - Run this program only once
  • Right click CKScanner.exe and choose "Run as Administrator"
  • When the program opens click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.
Logged

pennylane821
Newbie
*
Offline Offline

Gender: Female
Date Registered:January 21, 2013, 05:15:53 PM
Posts: 23


"I'll see you on the dark side of the moon...."


« Reply #5 on: February 23, 2013, 08:23:00 PM »

When i try to uninstall BitTorrentControl_v12 Toolbar and Yontoo 1.10.02 both said they had already been uninstalled?  When asked if i wanted to remove them from the list I said yes?  But I am now at the OTL scan and I STILL see them in there!  I will post it once I finish the last scan....unless you want it sooner.. I am trying to do this and juggle a three year old that desperately wants to "type her name" while this stuff is running.. Smiley
Logged
melboy
Moderator
Hero Member
*****
Offline Offline

Date Registered:April 02, 2009, 02:56:03 AM
Posts: 756



« Reply #6 on: February 23, 2013, 08:38:41 PM »

Hi

That's fine. We can remove any leftovers during the course of the fix.

Post all the scan logs when you have them.
Logged

pennylane821
Newbie
*
Offline Offline

Gender: Female
Date Registered:January 21, 2013, 05:15:53 PM
Posts: 23


"I'll see you on the dark side of the moon...."


« Reply #7 on: February 24, 2013, 01:20:59 AM »

OTL logfile created on: 2/23/2013 6:10:26 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Melissa Bodine\Downloads
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.96 Gb Total Physical Memory | 1.22 Gb Available Physical Memory | 41.23% Memory free
6.12 Gb Paging File | 4.40 Gb Available in Paging File | 71.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.85 Gb Total Space | 132.44 Gb Free Space | 56.88% Space Free | Partition Type: NTFS
 
Computer Name: MELISSABODIN-PC | User Name: Melissa Bodine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/02/23 18:09:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Melissa Bodine\Downloads\OTL.exe
PRC - [2013/02/19 11:41:07 | 001,151,152 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2013/02/19 11:41:06 | 000,968,880 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
PRC - [2013/02/19 11:24:43 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/02/14 09:33:10 | 001,820,016 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_6_602_168.exe
PRC - [2013/02/11 15:48:17 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Users\Melissa Bodine\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe
PRC - [2013/01/08 07:16:28 | 000,032,808 | ---- | M] (Just Develop It) -- C:\Program Files\JustCloud\BackupStack.exe
PRC - [2013/01/08 07:16:26 | 001,994,792 | ---- | M] (JustCloud.com) -- C:\Program Files\JustCloud\JustCloud.exe
PRC - [2012/12/18 08:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/19 17:25:32 | 002,598,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/11/08 03:51:06 | 000,768,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/11/08 03:51:04 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/11/02 03:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/04/09 14:25:45 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2012/03/19 04:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 03:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2012/01/29 03:06:00 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/03/10 13:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/11/01 19:30:00 | 002,508,104 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/02/20 08:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2006/12/22 06:31:50 | 000,108,712 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
PRC - [2006/12/22 06:29:56 | 000,067,752 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
PRC - [2006/10/22 22:24:02 | 000,620,152 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/02/19 11:41:08 | 000,156,848 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll
MOD - [2013/02/19 11:41:07 | 001,151,152 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2013/02/19 11:24:39 | 003,067,288 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/02/14 09:33:09 | 014,717,808 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_6_602_168.dll
MOD - [2013/01/08 07:10:52 | 003,718,144 | ---- | M] () -- C:\Program Files\JustCloud\MPCBIconOverlays.dll
MOD - [2012/05/30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/05/30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/03/27 11:47:18 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\22e348e7fee20fcb2013d3dfe016ae8e\System.Management.ni.dll
MOD - [2012/03/27 11:46:49 | 011,796,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03858406f9a9514402888707e8b93abe\System.Web.ni.dll
MOD - [2012/03/27 11:46:36 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\23281812ddf7a1fab881b5322e577ac4\System.Runtime.Remoting.ni.dll
MOD - [2012/03/27 11:46:33 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ae383808b3f5ee9287358378f9a2cad3\System.EnterpriseServices.ni.dll
MOD - [2012/03/27 11:46:32 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\b98385fbfc00adacf4fd7896ba064032\System.Transactions.ni.dll
MOD - [2012/03/27 11:46:25 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e6001d416f7c468334934a2c6a41c631\System.Configuration.ni.dll
MOD - [2012/01/30 10:01:27 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7208ffa39630e9b923331f9df0947a12\System.Xml.ni.dll
MOD - [2012/01/30 10:00:47 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1941d7639299344ae28fb6b23da65247\System.Windows.Forms.ni.dll
MOD - [2012/01/30 10:00:27 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6312464f64727a2a50d5ce3fd73ad1bb\System.Drawing.ni.dll
MOD - [2012/01/30 10:00:08 | 006,616,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\813556b5a2722045b0ea14467fd00227\System.Data.ni.dll
MOD - [2012/01/30 09:58:46 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\52e1ea3c7491e05cda766d7b3ce3d559\System.ni.dll
MOD - [2012/01/30 09:58:32 | 011,486,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll
MOD - [2012/01/29 02:07:40 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2012/01/29 02:05:36 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2012/01/29 02:05:34 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/01/29 02:05:33 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/01/29 02:05:32 | 003,149,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/01/29 02:04:52 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012/01/29 02:04:51 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2012/01/29 02:04:51 | 000,258,048 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MOD - [2010/04/18 07:58:58 | 000,904,704 | ---- | M] () -- C:\Program Files\JustCloud\x86\System.Data.SQLite.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013/02/19 11:41:06 | 000,968,880 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)
SRV - [2013/02/19 11:24:40 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/14 09:33:10 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/08 07:16:28 | 000,032,808 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files\JustCloud\BackupStack.exe -- (BackupStack)
SRV - [2012/12/18 08:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/02 03:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/04/09 14:25:45 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/03/10 13:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/02/20 08:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/03/20 15:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2006/12/22 06:31:50 | 000,108,712 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor5.0)
SRV - [2006/11/02 06:34:32 | 000,263,272 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2005/09/30 19:35:42 | 000,024,576 | ---- | M] (Oki Data Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\OPHDLDCS.EXE -- (OKI OPHD DCS Loader)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/02/19 11:41:08 | 000,033,112 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012/12/10 03:28:36 | 000,142,176 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/11/08 03:49:26 | 000,250,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/08/24 14:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/04/19 03:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/01/31 03:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 12:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 12:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 12:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2009/07/10 05:44:52 | 000,122,880 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2006/11/02 03:15:23 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2006/11/02 03:14:20 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - SOFTWARE\Classes\CLSID\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\InprocServer32 File not found
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=221&systemid=1&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3225826
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_Prot
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - SOFTWARE\Classes\CLSID\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\InprocServer32 File not found
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=110410&babsrc=SP_ss&mntrId=88356b150000000000001c659d214ad4
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={886F4E32-CF75-48F1-873E-995A1DE92691}&mid=19a4c4d07c4147d18f2c1d955f2f7fa6-e9ace9bb0cf9b350409bebb1e50452052adfb509&lang=en&ds=ft011&pr=sa&d=2012-07-14 11:24:52&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=221&systemid=1&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3225826
IE - HKCU\..\SearchScopes\{D262852B-6C98-4D8D-BC0D-92DF44D1654A}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "w3i&type=W3i_DS,157,0_0,Search,20120207,6902,0,27,0"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - prefs.js..extensions.netassistant.keyword.url: "http://click.w3i.com/?Programid=132&Elementname=Keyword&Applicationid={985DED13-E979-4AC6-A12D-8FE7A259DED8}&Version=3.6.5&Vintage=20120207&Defaultbrowserid=27&Productid=2627&Vendorid=5750&Offerid=6894&searchterm="
FF - prefs.js..keyword.URL: "https://isearch.avg.com/search?cid={886F4E32-CF75-48F1-873E-995A1DE92691}&mid=19a4c4d07c4147d18f2c1d955f2f7fa6-e9ace9bb0cf9b350409bebb1e50452052adfb509&lang=en&ds=ft011&pr=sa&d=2012-07-14 11:24:52&v=12.2.5.32&sap=ku&q="
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Melissa Bodine\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Melissa Bodine\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2013/02/04 09:49:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013/02/19 11:41:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/19 11:24:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/19 11:24:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012/03/11 19:55:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melissa Bodine\AppData\Roaming\mozilla\Extensions
[2013/01/24 12:32:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melissa Bodine\AppData\Roaming\mozilla\Firefox\Profiles\awu69gy8.default\extensions
[2012/03/10 18:07:28 | 000,002,515 | ---- | M] () -- C:\Users\Melissa Bodine\AppData\Roaming\mozilla\firefox\profiles\awu69gy8.default\searchplugins\Search_Results.xml
[2013/02/19 11:23:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/02/19 11:24:43 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/02/11 15:50:14 | 000,003,594 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/02/07 10:21:19 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/09/17 09:02:55 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/03/10 18:07:28 | 000,002,515 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2013/02/19 11:24:30 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Users\Melissa Bodine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Melissa Bodine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Melissa Bodine\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf\2.3.18.20_0\
CHR - Extension: No name found = C:\Users\Melissa Bodine\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\
CHR - Extension: No name found = C:\Users\Melissa Bodine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk\1.21.99_0\crossrider
CHR - Extension: No name found = C:\Users\Melissa Bodine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk\1.21.99_0\
CHR - Extension: No name found = C:\Users\Melissa Bodine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.0.2.14_0\
CHR - Extension: No name found = C:\Users\Melissa Bodine\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\
CHR - Extension: No name found = C:\Users\Melissa Bodine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgcjecomkebbohfjgmncelbhogbbokf\1.0.6_0\
CHR - Extension: No name found = C:\Users\Melissa Bodine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2006/09/18 15:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O2 - BHO: (I Want This) - {11111111-1111-1111-1111-110011221158} - C:\Program Files\I Want This\I Want This.dll File not found
O2 - BHO: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll File not found
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (BitTorrentControl_v12 Toolbar) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files\BitTorrentControl_v12\prxtbBitT.dll爀猀 File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll File not found
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (BitTorrentControl_v12 Toolbar) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files\BitTorrentControl_v12\prxtbBitT.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentControl_v12 Toolbar) - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - C:\Program Files\BitTorrentControl_v12\prxtbBitT.dll File not found
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Melissa Bodine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JustCloud.lnk = C:\Program Files\JustCloud\JustCloud.exe (JustCloud.com)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45E155ED-3E31-491B-85EC-99CB23007C90}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Melissa Bodine\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Melissa Bodine\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{01c837ea-76ba-11e2-9ec4-c60516862a97}\Shell - "" = AutoRun
O33 - MountPoints2\{01c837ea-76ba-11e2-9ec4-c60516862a97}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{6e1eb5f5-e55b-11e1-b88e-d69d49b296cb}\Shell - "" = AutoRun
O33 - MountPoints2\{6e1eb5f5-e55b-11e1-b88e-d69d49b296cb}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{c81e5be1-8965-11e1-aea2-8c4af6b0451b}\Shell - "" = AutoRun
O33 - MountPoints2\{c81e5be1-8965-11e1-aea2-8c4af6b0451b}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{f6c7d9ae-a8c1-11e1-b484-919e3771dc74}\Shell - "" = AutoRun
O33 - MountPoints2\{f6c7d9ae-a8c1-11e1-b484-919e3771dc74}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/02/22 22:34:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/02/22 22:30:29 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/02/19 11:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/02/12 13:53:36 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2013/02/12 13:52:54 | 000,000,000 | ---D | C] -- C:\Users\Melissa Bodine\AppData\Local\HP
[2013/02/12 10:15:00 | 000,000,000 | ---D | C] -- C:\Users\Melissa Bodine\Desktop\Marina 2011
[2013/02/05 17:42:13 | 000,000,000 | ---D | C] -- C:\Users\Melissa Bodine\Documents\Documents\MISC Fountain Stuff
[2013/02/05 17:37:18 | 000,000,000 | ---D | C] -- C:\Users\Melissa Bodine\Documents\Documents\Perfect Patients
[2013/02/05 17:35:56 | 000,000,000 | ---D | C] -- C:\Users\Melissa Bodine\Documents\Documents\Holiday Work Stuff
[2013/02/05 17:23:20 | 000,000,000 | ---D | C] -- C:\Users\Melissa Bodine\Documents\Documents\Personal
[2013/02/05 17:07:18 | 000,000,000 | ---D | C] -- C:\Users\Melissa Bodine\Documents\Documents\Business Cards
[2013/02/05 16:59:10 | 000,000,000 | ---D | C] -- C:\Users\Melissa Bodine\Documents\Documents\Massage Stuff
[2013/02/05 16:49:46 | 000,000,000 | ---D | C] -- C:\Users\Melissa Bodine\Documents\Documents\Ergonomics
[2013/02/04 09:49:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[4 C:\Users\Melissa Bodine\Documents\Documents\*.tmp files -> C:\Users\Melissa Bodine\Documents\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/02/23 18:18:07 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/23 17:57:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/23 17:56:58 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/23 17:56:58 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/23 13:56:00 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1045036589-2546701276-2835346230-1000UA.job
[2013/02/23 13:52:42 | 111,023,119 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2013/02/23 13:43:51 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/23 13:43:27 | 000,000,396 | ---- | M] () -- C:\Windows\tasks\FreeFileViewerUpdateChecker.job
[2013/02/22 22:38:52 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/02/22 21:40:39 | 000,000,943 | ---- | M] () -- C:\Users\Melissa Bodine\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/02/20 16:43:39 | 000,444,127 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\Building Better Babies2.pdf
[2013/02/20 16:39:07 | 000,550,881 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\Building Better Babies halfsheet.pdf
[2013/02/20 16:31:37 | 000,897,024 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\Building Better Babies2.pub
[2013/02/20 16:25:47 | 000,891,392 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\Building Better Babies halfsheet.pub
[2013/02/20 15:56:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1045036589-2546701276-2835346230-1000Core.job
[2013/02/20 15:01:00 | 000,000,302 | ---- | M] () -- C:\Windows\tasks\Registry Optimizer_DEFAULT.job
[2013/02/20 13:43:52 | 000,405,477 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\take 5.pdf
[2013/02/20 13:43:36 | 001,680,896 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\take 5.pub
[2013/02/19 15:17:45 | 000,137,728 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\cwc sign in sheet.pub
[2013/02/19 11:41:08 | 000,033,112 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013/02/18 14:42:27 | 000,405,633 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\stress relief break.pdf
[2013/02/18 11:44:16 | 001,460,736 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\alex invitation.pub
[2013/02/18 11:44:05 | 002,950,656 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\dr alex invitation back.pub
[2013/02/18 11:39:48 | 001,436,160 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\coupons.pub
[2013/02/18 11:10:08 | 000,309,256 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2013/02/15 14:37:26 | 000,243,712 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\koala heart.pub
[2013/02/14 16:15:07 | 000,709,814 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/02/14 16:15:07 | 000,138,558 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/02/14 10:34:57 | 006,133,760 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\invitation backside.pub
[2013/02/13 18:14:12 | 002,926,592 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\invitation-backside.pub
[2013/02/13 18:14:06 | 001,434,624 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\wellness invitation.pub
[2013/02/12 13:53:03 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2013/02/11 18:37:57 | 003,054,080 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\traction bed giveaway.pub
[2013/02/11 18:11:32 | 000,325,394 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\traction bed handouts.pdf
[2013/02/11 18:11:00 | 001,652,224 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\traction bed handouts.pub
[2013/02/08 14:55:12 | 001,043,190 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\traction bed giveaway2.pdf
[2013/02/07 14:58:24 | 001,263,110 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\traction bed giveaway.pdf
[2013/02/07 12:38:34 | 000,128,000 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\invitations.pub
[2013/02/07 10:24:35 | 000,128,000 | ---- | M] () -- C:\Users\Melissa Bodine\Documents\Documents\time sheets.pub
[2013/02/05 15:58:43 | 000,000,410 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2013/02/04 14:46:58 | 000,002,089 | ---- | M] () -- C:\Users\Melissa Bodine\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/30 11:36:32 | 000,017,492 | ---- | M] () -- C:\Windows\System32\OP5800L.cah
[4 C:\Users\Melissa Bodine\Documents\Documents\*.tmp files -> C:\Users\Melissa Bodine\Documents\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/02/20 16:43:37 | 000,444,127 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\Building Better Babies2.pdf
[2013/02/20 16:39:04 | 000,550,881 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\Building Better Babies halfsheet.pdf
[2013/02/20 16:25:46 | 000,891,392 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\Building Better Babies halfsheet.pub
[2013/02/20 13:43:50 | 000,405,477 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\take 5.pdf
[2013/02/19 15:17:45 | 000,137,728 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\cwc sign in sheet.pub
[2013/02/18 15:14:29 | 001,680,896 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\take 5.pub
[2013/02/18 14:42:15 | 000,405,633 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\stress relief break.pdf
[2013/02/18 11:44:04 | 002,950,656 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\dr alex invitation back.pub
[2013/02/18 11:39:48 | 001,436,160 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\coupons.pub
[2013/02/15 14:57:46 | 001,460,736 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\alex invitation.pub
[2013/02/15 14:37:25 | 000,243,712 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\koala heart.pub
[2013/02/15 12:33:46 | 000,897,024 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\Building Better Babies2.pub
[2013/02/14 10:34:56 | 006,133,760 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\invitation backside.pub
[2013/02/13 17:45:26 | 002,926,592 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\invitation-backside.pub
[2013/02/12 13:53:03 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/02/11 18:54:00 | 001,434,624 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\wellness invitation.pub
[2013/02/11 18:11:30 | 000,325,394 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\traction bed handouts.pdf
[2013/02/11 18:10:59 | 001,652,224 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\traction bed handouts.pub
[2013/02/08 14:55:08 | 001,043,190 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\traction bed giveaway2.pdf
[2013/02/07 14:45:02 | 001,263,110 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\traction bed giveaway.pdf
[2013/02/07 12:38:34 | 000,128,000 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\invitations.pub
[2013/02/07 12:33:55 | 003,054,080 | ---- | C] () -- C:\Users\Melissa Bodine\Documents\Documents\traction bed giveaway.pub
[2013/02/05 15:58:43 | 000,000,410 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2013/01/21 16:23:19 | 000,045,895 | ---- | C] () -- C:\Users\Melissa Bodine\282137_4398199868162_63865723_n.jpg
[2013/01/03 17:22:44 | 095,023,320 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012/09/23 08:31:43 | 029,677,993 | ---- | C] () -- C:\Users\Melissa Bodine\speedyassessment_install.exe
[2012/08/08 11:26:24 | 000,008,192 | -H-- | C] () -- C:\Users\Melissa Bodine\photothumb.db
[2012/08/06 15:15:47 | 000,000,705 | ---- | C] () -- C:\Users\Melissa Bodine\Bubbles_color.xml
[2012/08/06 10:59:48 | 000,073,259 | ---- | C] () -- C:\Users\Melissa Bodine\Bubbles.thmx
[2012/08/02 15:23:06 | 000,015,494 | ---- | C] () -- C:\Users\Melissa Bodine\head massage.jpg
[2012/04/09 14:35:07 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2012/03/28 10:04:03 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2012/03/26 20:41:55 | 000,043,008 | ---- | C] () -- C:\Users\Melissa Bodine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/29 00:18:41 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2012/01/29 00:14:16 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2012/01/29 00:14:15 | 000,439,336 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2012/01/29 00:14:15 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2012/01/29 00:14:15 | 000,147,456 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2012/01/29 00:14:15 | 000,092,280 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2012/01/29 00:14:14 | 000,982,224 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2012/01/29 00:14:14 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2012/01/29 00:14:13 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2012/01/28 23:41:30 | 000,000,680 | ---- | C] () -- C:\Users\Melissa Bodine\AppData\Local\d3d9caps.dat
 
========== ZeroAccess Check ==========
 
[2006/11/02 06:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/01/29 03:11:39 | 011,315,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/01/29 02:52:30 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2006/11/02 03:46:13 | 000,348,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012/01/29 00:38:47 | 000,000,000 | ---D | M] -- C:\Users\Melissa Bodine\AppData\Roaming\AVG2012
[2012/02/07 10:21:17 | 000,000,000 | ---D | M] -- C:\Users\Melissa Bodine\AppData\Roaming\Babylon
[2012/07/14 10:23:50 | 000,000,000 | ---D | M] -- C:\Users\Melissa Bodine\AppData\Roaming\BlueSprig
[2012/02/03 20:57:31 | 000,000,000 | ---D | M] -- C:\Users\Melissa Bodine\AppData\Roaming\Canon
[2012/02/21 20:04:15 | 000,000,000 | ---D | M] -- C:\Users\Melissa Bodine\AppData\Roaming\FreeFileViewer
[2013/01/15 17:14:16 | 000,000,000 | ---D | M] -- C:\Users\Melissa Bodine\AppData\Roaming\FreeFixer
[2012/07/14 10:21:21 | 000,000,000 | ---D | M] -- C:\Users\Melissa Bodine\AppData\Roaming\IObit
[2012/03/10 18:07:27 | 000,000,000 | ---D | M] -- C:\Users\Melissa Bodine\AppData\Roaming\MusicNet
[2012/10/02 07:40:41 | 000,000,000 | ---D | M] -- C:\Users\Melissa Bodine\AppData\Roaming\Nico Mak Computing
[2012/04/03 16:09:20 | 000,000,000 | ---D | M] -- C:\Users\Melissa Bodine\AppData\Roaming\Opera
[2012/11/28 14:33:30 | 000,000,000 | ---D | M] -- C:\Users\Melissa Bodine\AppData\Roaming\PhotoScape
[2013/01/03 12:12:31 | 000,000,000 | ---D | M] -- C:\Users\Melissa Bodine\AppData\Roaming\SmartDraw
[2012/11/01 13:38:04 | 000,000,000 | ---D | M] -- C:\Users\Melissa Bodine\AppData\Roaming\SystemRequirementsLab
[2012/07/12 10:18:04 | 000,000,000 | ---D | M] -- C:\Users\Melissa Bodine\AppData\Roaming\TeamViewer
 
========== Purity Check ==========
 
 

< End of report >
Logged
pennylane821
Newbie
*
Offline Offline

Gender: Female
Date Registered:January 21, 2013, 05:15:53 PM
Posts: 23


"I'll see you on the dark side of the moon...."


« Reply #8 on: February 24, 2013, 01:23:10 AM »

OTL Extras logfile created on: 2/23/2013 6:10:26 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Melissa Bodine\Downloads
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.96 Gb Total Physical Memory | 1.22 Gb Available Physical Memory | 41.23% Memory free
6.12 Gb Paging File | 4.40 Gb Available in Paging File | 71.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.85 Gb Total Space | 132.44 Gb Free Space | 56.88% Space Free | Partition Type: NTFS
 
Computer Name: MELISSABODIN-PC | User Name: Melissa Bodine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07CE859A-7B8C-4446-B708-E5A3F43A6EAC}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{0F01645F-8016-40B6-BBFB-2AA334393FC6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{31DFF252-9059-4B8B-BAF0-5CA9D89C3F09}" = rport=137 | protocol=17 | dir=out | app=system |
"{3512408C-4E2C-4674-8319-299D0FCF0467}" = lport=137 | protocol=17 | dir=in | app=system |
"{4516670B-56A2-41F6-BE1A-901EE49AC4AF}" = lport=445 | protocol=6 | dir=in | app=system |
"{465048FC-47BD-443B-ABFA-20D2129B6167}" = rport=445 | protocol=6 | dir=out | app=system |
"{6E0A1413-32B0-49D3-A6A4-4DBDDDD98164}" = lport=50900 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{81A9E8D1-B547-4443-8DAB-C0CC41D66D4A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{BD445D82-C10D-47D8-AF5C-187BAD532837}" = rport=138 | protocol=17 | dir=out | app=system |
"{C810623B-A48D-4317-B757-1AD3A335FED4}" = lport=139 | protocol=6 | dir=in | app=system |
"{D1B7B03C-8DB6-4C2A-98DB-F5FF8AE7E6FF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{D21A4D47-3205-4CB1-A42F-7080C56D4A35}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D50214B1-854E-4E89-B9AD-9AA7B0F390EF}" = lport=50901 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{DB60F17A-4D3E-4EDC-A583-53C948AC6A06}" = lport=138 | protocol=17 | dir=in | app=system |
"{DF9746CF-F14B-4F5F-9839-E5A0C5979EB3}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E714DBDF-6C43-4543-9782-05D675A9D8EE}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{F7E58C4F-7443-4260-8DC4-3515D2E2C902}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F876D098-06A1-41B1-AA95-7445DC0F0334}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{FD82031A-2ED6-4C0E-AA15-3BB756ED9078}" = rport=139 | protocol=6 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{019CF70D-FE38-4264-81FF-FBB271A406F7}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{023E3CF6-6330-4058-AEAB-4EFCC3E93B9A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{06503A72-EC41-4B73-9470-DECC0F1A5480}" = protocol=17 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"{088F8E6B-54C4-4682-AC5F-9AAB1B391B43}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0A3FBE8D-1F77-48F9-BDFE-26139DE253CC}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{1793071A-5B13-4FD9-A238-71AB7904A0BD}" = dir=in | app=c:\program files\freefileviewer\ffvcheckforupdates.exe |
"{1D589AFB-45F4-47CA-9C4C-295D6E23CCD0}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{23FBD34A-6CC9-448A-8972-C82DBC113D3D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2610170B-FB13-4E9F-9710-C51E70857452}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe |
"{2F98FA6A-F28D-4861-8A33-6FA10B36651A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{303E80A9-C7CD-49BF-B43D-4A949DB8E1AA}" = protocol=6 | dir=in | app=c:\users\melissa bodine\downloads\cnet2_coreldrawgraphicssuitex6installer_en32bit_exe.exe |
"{3A5D616F-513E-4E50-ABFA-0650A49E6E6F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3E6ADB73-F619-4F21-A9AB-A1B15C40F792}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{41013C78-4B54-403D-854C-BC95D8EC79FB}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{46CA4A7D-05C6-4AE6-B6BA-FA0F93DA566A}" = protocol=6 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"{4CDC8FCC-27F9-4308-8817-14E94909DBAD}" = protocol=17 | dir=in | app=c:\users\melissa bodine\downloads\cnet2_coreldrawgraphicssuitex6installer_en32bit_exe.exe |
"{4F419111-DD16-43BE-B17F-9B3572D8C52D}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{50F10B66-77D1-43D0-A8DA-9DCC1B68E00F}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{56E6013A-1911-4D21-AC34-26C2C9BB2C99}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{5E00BE5E-736D-4C24-8990-15FCDC3BE654}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6AEE4C67-1B52-448D-BC4A-39784472E3BE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{71695002-AC61-4788-9518-7B7FCC79D355}" = dir=in | app=c:\program files\file type assistant\tsassist.exe |
"{7243241A-F406-480C-8E9E-F3ED114C2B43}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe |
"{76DDB1AF-550D-4C2C-AB97-455B2F453DD3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7DFC4D0E-11B3-4C71-9F7E-FF397965E348}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9AB938E7-8E31-4916-8658-96D3241A03C4}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{9AC6FDE5-B271-4B20-A6CF-463BAFCE1719}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{9DA7B04C-C317-43D0-A944-E45F8949BC92}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A0C0061A-A233-4430-B2C0-3114368E80DA}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{A82063E5-CDB6-474C-90E3-CF787B9FD393}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{BBFAD45A-64A3-4770-B36B-3359A8970958}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{C3EBBF79-E4D7-479C-9F73-0F49FF2A5851}" = protocol=6 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"{CFFC3CD2-99A5-4FE9-ACE7-570C7990FE2D}" = protocol=17 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"{D37F829B-CD80-4AA5-9E56-D7F35AC2A79E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D5AF7468-B58A-463C-B6E4-A46908E8C8B4}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{D652E9CF-411D-4802-BB78-CF638D7FF7BD}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{F7A6EF1C-FB7E-4FB7-83F1-8BC7337D9D71}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"TCP Query User{106B9836-5C17-4281-8BAC-9C669CDAC0C5}C:\users\melissa bodine\desktop\utorrent.exe" = protocol=6 | dir=in | app=c:\users\melissa bodine\desktop\utorrent.exe |
"TCP Query User{A926732A-CF29-452D-A899-021B3C17EA26}C:\users\melissa bodine\desktop\utorrent.exe" = protocol=6 | dir=in | app=c:\users\melissa bodine\desktop\utorrent.exe |
"TCP Query User{B4B12F96-A9BE-48CC-9832-C6AB230CA5CE}C:\program files\imesh applications\imesh\imesh.exe" = protocol=6 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"UDP Query User{21EEA577-4651-45EC-B631-372A268D3F66}C:\users\melissa bodine\desktop\utorrent.exe" = protocol=17 | dir=in | app=c:\users\melissa bodine\desktop\utorrent.exe |
"UDP Query User{2D4D2F60-5BE3-44E8-AE55-E1231BF4E16F}C:\program files\imesh applications\imesh\imesh.exe" = protocol=17 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"UDP Query User{4672678B-A3C8-4F07-8183-0D9471FC6F18}C:\users\melissa bodine\desktop\utorrent.exe" = protocol=17 | dir=in | app=c:\users\melissa bodine\desktop\utorrent.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}" = CorelDRAW Graphics Suite X6
"_{B92076C0-C5FE-4DB1-AA8D-855430CDF098}" = Corel Graphics - Windows Shell Extension
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{0084B0C3-F376-42E3-804A-885D249282BD}" = CorelDRAW Graphics Suite X6 - IPM
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series" = Canon MX340 series MP Drivers
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1C93D216-E9C1-4089-807F-D2E10ED1630E}" = CorelDRAW Graphics Suite X6 - EN
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{25569723-DC5A-4467-A639-79535BF01B71}" = Adobe Help Center 2.1
"{25D69CEE-3EE2-47FD-9A0E-5013240EC953}" = CorelDRAW Graphics Suite X6 - Common
"{26A24AE4-039D-4CA4-87B4-2F83217015FF}" = Java 7 Update 15
"{286C5BE9-7E61-4AC1-B674-BED333C35F73}" = AVG 2012
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{318FF3D7-0C40-483B-AF92-AF36416B0AC6}" = CorelDRAW Graphics Suite X6 - Writing Tools
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}" = CorelDRAW Graphics Suite X6 - Setup Files
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{530AFAFF-6F0A-48BB-88D0-04F9658322D3}" = Adobe Premiere Elements 3.0.2
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{579CA850-B2C3-43F3-A3F6-3A0AE42E8225}" = CorelDRAW Graphics Suite X6 - FontNav
"{603C6570-2BA1-4FC6-8735-7EFA6D1F6F61}" = CorelDRAW Graphics Suite X6 - Custom Data
"{62BEC144-7029-4BF4-B3F2-FA231FB9F84B}" = CorelDRAW Graphics Suite X6 - Redist
"{6A5D1A94-624A-4D20-B178-3A283B500370}" = Adobe Setup
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6EACDDF4-4220-49A3-9204-984C86852C3D}" = Adobe Premiere Elements 3.0.2 Templates
"{6F53FB68-6620-423E-B7CD-B8205655B421}" = CorelDRAW Graphics Suite X6 - PHOTO-PAINT
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74FA94F1-9566-4252-9372-E7EAFFEFE209}" = CorelDRAW Graphics Suite X6 - Capture
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A2FF332-E4F6-4D87-9EBD-EDFF1216490F}" = CorelDRAW Graphics Suite X6 - Filters
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{7CCD75BD-5528-4FE1-90D2-392D661A2BF1}" = CorelDRAW Graphics Suite X6 - VSTA
"{7F9F6864-8CAB-440C-AF44-030D0135666D}" = CorelDRAW Graphics Suite X6
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{879E2460-18F9-48F2-B736-4E814A699504}" = CorelDRAW Graphics Suite X6 - VBA
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x86)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92F39985-0DA5-4CC4-869F-2A3048C182E6}" = System Requirements Lab
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}" = Adobe Photoshop Elements 5.0
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.6)
"{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B7F560B3-6EFF-4026-A982-843895A41149}" = Adobe BridgeTalk Plugin CS3
"{B92076C0-C5FE-4DB1-AA8D-855430CDF098}" = Corel Graphics - Windows Shell Extension
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAB89D31-4C55-472B-8909-6CBE2CC276B1}" = Microsoft Visual Basic for Applications 7.1 (x86) English
"{BBFDD98A-16DB-4A78-82A3-12ECCA29F1B0}" = AVG 2012
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5262276-0075-498B-B80F-7D997482E4DB}" = CorelDRAW Graphics Suite X6 - Draw
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D4A17D31-2F7B-4682-AD57-467021452909}" = CorelDRAW Graphics Suite X6 - Photozoom Plugin
"{D4EFC6B7-3DA5-400D-9682-9BE287A5440E}" = CorelDRAW Graphics Suite X6 - Connect
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDFEB503-D662-4224-82C9-37A5698FDC25}" = CorelDRAW Graphics Suite X6 - VideoBrowser
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}" = Adobe Contribute CS3
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 5" = Adobe Photoshop Elements 5.0
"Adobe_247961ef275e20c5cb073c36394ac32" = Add or Remove Adobe Creative Suite 3 Web Premium
"AVG" = AVG 2012
"AVG Secure Search" = AVG Security Toolbar
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"Canon MX340 series User Registration" = Canon MX340 series User Registration
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"FreeFileViewer_is1" = Free File Viewer 2011
"FreeFixer1.01" = FreeFixer
"JustCloud" = JustCloud
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 19.0 (x86 en-US)" = Mozilla Firefox 19.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.1" = Canon MP Navigator EX 3.1
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"PremElem30" = Adobe Premiere Elements 3.0.2
"PROR" = Microsoft Office Professional 2007
"Speed Dial Utility" = Canon Speed Dial Utility
"Trusted Software Assistant_is1" = File Type Assistant
"TVWiz" = Intel(R) TV Wizard
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Acrobat Connect Add-in" = Adobe Acrobat Connect Add-in
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 2/20/2013 3:46:40 PM | Computer Name = MelissaBodin-PC | Source = Perflib | ID = 1008
Description =
 
Error - 2/20/2013 3:46:40 PM | Computer Name = MelissaBodin-PC | Source = Perflib | ID = 1010
Description =
 
Error - 2/20/2013 3:46:46 PM | Computer Name = MelissaBodin-PC | Source = Perflib | ID = 1008
Description =
 
Error - 2/22/2013 11:40:26 PM | Computer Name = MelissaBodin-PC | Source = Fantapper: Firefox Installer | ID = 0
Description = Uninstall FAILED!
 
Error - 2/23/2013 12:14:11 AM | Computer Name = MelissaBodin-PC | Source = Perflib | ID = 1008
Description =
 
Error - 2/23/2013 12:14:11 AM | Computer Name = MelissaBodin-PC | Source = Perflib | ID = 1010
Description =
 
Error - 2/23/2013 12:14:12 AM | Computer Name = MelissaBodin-PC | Source = Perflib | ID = 1008
Description =
 
Error - 2/23/2013 7:56:58 PM | Computer Name = MelissaBodin-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 2/23/2013 7:56:58 PM | Computer Name = MelissaBodin-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 14170226
 
Error - 2/23/2013 7:56:58 PM | Computer Name = MelissaBodin-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 14170226
 
[ OSession Events ]
Error - 8/22/2012 7:54:11 PM | Computer Name = MelissaBodin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9479
 seconds with 1260 seconds of active time.  This session ended with a crash.
 
Error - 9/19/2012 12:56:51 PM | Computer Name = MelissaBodin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3652
 seconds with 960 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 8/22/2012 11:51:27 AM | Computer Name = MelissaBodin-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
 timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
 your computer manufacturer for an upgraded BIOS. In some situations, this error
 may cause the computer to function incorrectly.
 
Error - 8/23/2012 12:24:40 PM | Computer Name = MelissaBodin-PC | Source = DCOM | ID = 10016
Description =
 
Error - 8/23/2012 12:24:54 PM | Computer Name = MelissaBodin-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 8/23/2012 12:25:11 PM | Computer Name = MelissaBodin-PC | Source = DCOM | ID = 10016
Description =
 
Error - 8/24/2012 11:14:06 AM | Computer Name = MelissaBodin-PC | Source = Print | ID = 19
Description = The print spooler failed to share printer HP Officejet Pro K850 Series
 with shared resource name HP Officejet Pro K850 Series. Error 1722. The printer
 cannot be used by others on the network.
 
Error - 8/24/2012 11:15:05 AM | Computer Name = MelissaBodin-PC | Source = DCOM | ID = 10016
Description =
 
Error - 8/24/2012 11:15:31 AM | Computer Name = MelissaBodin-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 8/24/2012 11:15:48 AM | Computer Name = MelissaBodin-PC | Source = DCOM | ID = 10016
Description =
 
Error - 8/26/2012 12:56:12 PM | Computer Name = MelissaBodin-PC | Source = DCOM | ID = 10016
Description =
 
Error - 8/26/2012 12:56:48 PM | Computer Name = MelissaBodin-PC | Source = DCOM | ID = 10016
Description =
 
 
< End of report >
Logged
pennylane821
Newbie
*
Offline Offline

Gender: Female
Date Registered:January 21, 2013, 05:15:53 PM
Posts: 23


"I'll see you on the dark side of the moon...."


« Reply #9 on: February 24, 2013, 01:32:59 AM »

CKScanner 2.1 - Additional Security Risks - These are not necessarily bad
c:\program files\corel\coreldraw graphics suite x6\custom data\bumpmap\cracks.cpt
scanner sequence 3.AP.11.CSNAJM
 ----- EOF -----


I REALLY hope that "cracks" doesn't mean the cracked software thing you're talking about in the rules because I don't even know what that is... so if that's the case, I am a bigger idiot than originally thought...I work at a chiropractic office and do all of their marketing stuff but I don't have the adequate software so I (stupidly) downloaded "free" software and 30 day trials, etc throughout the past year... I really think it was one of the stupid fonts I downloaded but I could be wrong... I only used BitTorrent for a day or two before learning the dangers; maybe what I should be working on here are my decision making skills and impulse control.  And talking to my boss about buying me software. And a new computer.  That's my two cents.  I will keep doing whatever you tell me to do. And thank you so much. 
Logged
melboy
Moderator
Hero Member
*****
Offline Offline

Date Registered:April 02, 2009, 02:56:03 AM
Posts: 756



« Reply #10 on: February 24, 2013, 04:50:58 AM »

Hi

No, the CKscanner log is fine.

AdwCleaner

Download AdwCleaner from HERE & save it to your desktop.

  • Right click AdwCleaner.exe & chosse "Run as Administrator" to run it.
  • Click Search.
  • A logfile will automatically open after the scan has finished.
  • Close the adwCleaner window, click ok to the prompt.
  • Post the contents of that logfile with your next reply.
  • You can also find the logfile at C:\AdwCleaner[R1].txt.
.


Malwarebytes' Anti-Malware (MBAM)

Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup-version.number.exe and follow the prompts to install the program.
  • At the end, Uncheck Enable the free trial Malwarebytes' Anti-Malware PRO
     (You can activate this when we've finished, if you wish)
  • Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Select the Settings tab, then the Scanner Settings tab
  • For Action for Potentially Unwanted Programs (PUP), choose Show in results list and check for removal
  • Select to the Scanner tab, select Perform Quick scan, then click on Scan
  • When done, you will be prompted. Click OK. If Items are found, then click on Show Results
  • Check all items then click on Remove Selected
  • After it has removed the items, Notepad will open. Please post this log in your next reply.

The log can also be found here:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
  • Or via the Logs tab when the application is started.
.
Note: MBAM may ask to reboot your computer so it can continue with the removal process, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.




Logged

melboy
Moderator
Hero Member
*****
Offline Offline

Date Registered:April 02, 2009, 02:56:03 AM
Posts: 756



« Reply #11 on: February 26, 2013, 08:07:24 AM »

Hi pennylane821

It has been over two days since my last post.

  • Do you still need help?
  • Do you need more time?
  • Are you having problems following my instructions?
  • Topics can be closed after 3 days without a response. If you do not reply within that time, the topic will be closed.
Logged

pennylane821
Newbie
*
Offline Offline

Gender: Female
Date Registered:January 21, 2013, 05:15:53 PM
Posts: 23


"I'll see you on the dark side of the moon...."


« Reply #12 on: February 27, 2013, 04:59:03 PM »

I am sorry, I am doing it now, it has been very chaotic here with snowmageddon one and two hitting.... working on next scans now...
Logged
melboy
Moderator
Hero Member
*****
Offline Offline

Date Registered:April 02, 2009, 02:56:03 AM
Posts: 756



« Reply #13 on: February 27, 2013, 05:12:02 PM »

Hi Smiley

Ok, post the logs when you have them.
Logged

pennylane821
Newbie
*
Offline Offline

Gender: Female
Date Registered:January 21, 2013, 05:15:53 PM
Posts: 23


"I'll see you on the dark side of the moon...."


« Reply #14 on: February 27, 2013, 05:26:32 PM »

# AdwCleaner v2.113 - Logfile created 02/27/2013 at 16:20:24
# Updated 23/02/2013 by Xplode
# Operating system : Windows Vista (TM) Home Premium  (32 bits)
# User : Melissa Bodine - MELISSABODIN-PC
# Boot Mode : Normal
# Running from : C:\Users\Melissa Bodine\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml
File Found : C:\user.js
File Found : C:\Users\Melissa Bodine\AppData\Roaming\Mozilla\Firefox\Profiles\awu69gy8.default\searchplugins\Search_Results.xml
Folder Found : C:\Program Files\AVG Secure Search
Folder Found : C:\Program Files\Common Files\AVG Secure Search
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\Yontoo
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\MELISS~1\AppData\Local\Temp\avg@toolbar
Folder Found : C:\Users\Melissa Bodine\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Melissa Bodine\AppData\Local\Babylon
Folder Found : C:\Users\Melissa Bodine\AppData\Local\Conduit
Folder Found : C:\Users\Melissa Bodine\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mpfapcdfbbledbojijcbcclmlieaoogk_0
Folder Found : C:\Users\Melissa Bodine\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Folder Found : C:\Users\Melissa Bodine\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Folder Found : C:\Users\Melissa Bodine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk
Folder Found : C:\Users\Melissa Bodine\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Folder Found : C:\Users\Melissa Bodine\AppData\Local\I Want This
Folder Found : C:\Users\Melissa Bodine\AppData\Local\Zoom_Downloader
Folder Found : C:\Users\Melissa Bodine\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\Melissa Bodine\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Users\Melissa Bodine\AppData\LocalLow\BabylonToolbar
Folder Found : C:\Users\Melissa Bodine\AppData\LocalLow\BitTorrentControl_v12
Folder Found : C:\Users\Melissa Bodine\AppData\LocalLow\Conduit
Folder Found : C:\Users\Melissa Bodine\AppData\Roaming\Babylon
Folder Found : C:\Users\Melissa Bodine\AppData\Roaming\Mozilla\Firefox\Profiles\awu69gy8.default\Smartbar

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\BitTorrentControl_v12
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\I Want This
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BitTorrentControl_v12
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011221158}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022222258}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330033223358}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4B69AB9E-64FC-40A5-B51E-275841AF64AA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.FBApi
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.FBApi
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.FBApi.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.FBApi.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0002258.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055225558}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066226658}
Key Found : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077227758}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3225826
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044224458}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4CCC95C6-5A2B-445F-8471-D265388F0AE0}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8028255A-A01A-4FF6-AE28-710090AEC3DC}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\Tarma Installer
Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Found : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKU\S-1-5-21-1045036589-2546701276-2835346230-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-1045036589-2546701276-2835346230-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKU\S-1-5-21-1045036589-2546701276-2835346230-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Found : HKU\S-1-5-21-1045036589-2546701276-2835346230-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{28387537-E3F9-4ED7-860C-11E69AF4A8A0}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.16982

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?babsrc=HP_Prot
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://isearch.avg.com/tab?cid={886F4E32-CF75-48F1-873E-995A1DE92691}&mid=19a4c4d07c4147d18f2c1d955f2f7fa6-e9ace9bb0cf9b350409bebb1e50452052adfb509&lang=en&ds=ft011&pr=sa&d=2012-07-14 11:24:52&pid=avg&sg=&v=14.2.0.1&sap=nt

-\\ Mozilla Firefox v19.0 (en-US)

File : C:\Users\Melissa Bodine\AppData\Roaming\Mozilla\Firefox\Profiles\awu69gy8.default\prefs.js

Found : user_pref("CT3225826.129887590378280857.APP_WIN_FEATURES", "resizable=0,saveresizedsize=0,titlebar=0[...]
Found : user_pref("CT3225826.BT_Stats", "{\"last_log\":1354742832,\"uuid\":592939124055163,\"seq_id\":43,\"s[...]
Found : user_pref("CT3225826.BT_Usage", "{\"uuid\":592939124055163,\"seq_id\":11}");
Found : user_pref("CT3225826.CBOpenMAMSettings", "0");
Found : user_pref("CT3225826.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT3225826.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Found : user_pref("CT3225826.FirstTime", "true");
Found : user_pref("CT3225826.FirstTimeFF3", "true");
Found : user_pref("CT3225826.UserID", "UN39771894164519916");
Found : user_pref("CT3225826.addressBarTakeOverEnabledInHidden", "true");
Found : user_pref("CT3225826.autoDisableScopes", 14);
Found : user_pref("CT3225826.cb", "0");
Found : user_pref("CT3225826.cb_experience_000", "522");
Found : user_pref("CT3225826.cb_firstuse0100", "1");
Found : user_pref("CT3225826.cbcountry_001", "US");
Found : user_pref("CT3225826.cbfirsttime", "Sat Sep 22 2012 18:48:33 GMT-0500 (Central Daylight Time)");
Found : user_pref("CT3225826.defaultSearch", "FALSE");
Found : user_pref("CT3225826.embeddedsData", "[{\"appId\":\"129830626805552092\",\"apiPermissions\":{\"cross[...]
Found : user_pref("CT3225826.enableAlerts", "always");
Found : user_pref("CT3225826.enableSearchFromAddressBar", "FALSE");
Found : user_pref("CT3225826.firstTimeDialogOpened", "true");
Found : user_pref("CT3225826.fixPageNotFoundError", "true");
Found : user_pref("CT3225826.fixPageNotFoundErrorInHidden", "true");
Found : user_pref("CT3225826.fixUrls", true);
Found : user_pref("CT3225826.hxxp___www_socialgrowthtechnologies_com_couponbuddy_v001.APP_WIN_FEATURES", "op[...]
Found : user_pref("CT3225826.installId", "fftDA29.tmp.exe");
Found : user_pref("CT3225826.installType", "XPE");
Found : user_pref("CT3225826.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3225826.isNewTabEnabled", false);
Found : user_pref("CT3225826.isPerformedSmartBarTransition", "true");
Found : user_pref("CT3225826.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT3225826.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Found : user_pref("CT3225826.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxps[...]
Found : user_pref("CT3225826.openThankYouPage", "true");
Found : user_pref("CT3225826.openUninstallPage", "FALSE");
Found : user_pref("CT3225826.search.searchAppId", "129830626805552092");
Found : user_pref("CT3225826.search.searchCount", "0");
Found : user_pref("CT3225826.searchInNewTabEnabled", "false");
Found : user_pref("CT3225826.searchInNewTabEnabledInHidden", "true");
Found : user_pref("CT3225826.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3225826.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT3225826.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Found : user_pref("CT3225826.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Found : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Found : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Found : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Found : user_pref("CT3225826.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Found : user_pref("CT3225826.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Found : user_pref("CT3225826.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1354051245877");
Found : user_pref("CT3225826.serviceLayer_services_appTracking_lastUpdate", "1352299999763");
Found : user_pref("CT3225826.serviceLayer_services_appsMetadata_lastUpdate", "1354748494356");
Found : user_pref("CT3225826.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1354726631552");
Found : user_pref("CT3225826.serviceLayer_services_login_10.10.27.6_lastUpdate", "1354741032473");
Found : user_pref("CT3225826.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1354726631645");
Found : user_pref("CT3225826.serviceLayer_services_searchAPI_lastUpdate", "1354742516365");
Found : user_pref("CT3225826.serviceLayer_services_serviceMap_lastUpdate", "1354742515298");
Found : user_pref("CT3225826.serviceLayer_services_toolbarContextMenu_lastUpdate", "1354726631480");
Found : user_pref("CT3225826.serviceLayer_services_toolbarSettings_lastUpdate", "1354748494020");
Found : user_pref("CT3225826.serviceLayer_services_translation_lastUpdate", "1354742515473");
Found : user_pref("CT3225826.settingsINI", true);
Found : user_pref("CT3225826.shouldFirstTimeDialog", "false");
Found : user_pref("CT3225826.smartbar.CTID", "CT3225826");
Found : user_pref("CT3225826.smartbar.Uninstall", "0");
Found : user_pref("CT3225826.smartbar.isHidden", true);
Found : user_pref("CT3225826.smartbar.toolbarName", "BitTorrentControl_v12 ");
Found : user_pref("CT3225826.toolbarBornServerTime", "23-9-2012");
Found : user_pref("CT3225826.toolbarCurrentServerTime", "5-12-2012");
Found : user_pref("CT3225826.url_history0001", "hxxps://www.google.com:::clickhandler:::1354746702089,,,hxxp[...]
Found : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\11.1.0.12");
Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Found : user_pref("browser.search.order.1", "Search Results");
Found : user_pref("keyword.URL", "hxxps://isearch.avg.com/search?cid={886F4E32-CF75-48F1-873E-995A1DE92691}&[...]

-\\ Google Chrome v25.0.1364.97

File : C:\Users\Melissa Bodine\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.1] : icon_url ={"apps_promo_counter":11,"backup":{"_signature":"bjs6ljZH6ecBxZXawS/HsKKbuKcf0z6siYn0gilKsxE=","_version":4,"browser":{"show_home_button":true},"extensions":{"ids":["ahfgeienlihckogmohjhadlkjgocpleb","blpcfgokakmgnkcojhhkbfbldkacnbeo","coobgpohoikkiipiblmjeljniedjpjpf","dknkjnkhedbanphkkpbpcgoblmkbfhlf","eemcgdkfndhakfknompkggombfjjjeno","jmfkcklnlgedgbglfkkgedjfmejoahla","mfehgcgbbipciphmccgaenjidiccnmng","mpfapcdfbbledbojijcbcclmlieaoogk","ndibdjnfmopecpmkdieinmbadjfpblof","niapdbllcanepiiimjjndipklodoedlc","ohgcjecomkebbohfjgmncelbhogbbokf","pjkljhegncpnkpknbcohdijeoejaedia"]},"homepage":"hxxp://www.google.com/","homepage_is_newtabpage":false,"session":{"restore_on_startup":4,"urls_to_restore_on_startup":["hxxp://www.google.com/"]}},"browser":{"check_default_browser":false,"clear_lso_data_enabled":true,"last_known_google_url":"hxxp://www.google.com/","last_prompted_google_url":"hxxp://www.google.com/","pepper_flash_settings_enabled":true,"show_home_button":true,"window_placement":{"bottom":738,"left":20,"maximized":true,"right":1070,"top":20,"work_area_bottom":738,"work_area_left":0,"work_area_right":1366,"work_area_top":0}},"cloud_print":{"email":""},"countryid_at_install":21843,"default_apps_install_state":3,"default_search_provider":{"alternate_urls":["{google:baseURL}#q={searchTerms}","{google:baseURL}search#q={searchTerms}","{google:baseURL}webhp#q={searchTerms}"],"enabled":true,"encodings":"UTF-8","hxxp://www.google.com/favicon.ico","id":"2","instant_url":"{google:baseURL}webhp?sourceid=chrome-instant&{google:RLZ}{google:instantEnabledParameter}ie={inputEncoding}","keyword":"google.com","name":"Google","prepopulate_id":"1","search_url":"{google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}","suggest_url":"{google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}","synced_guid":"8E60E9B8-9169-46AF-A063-EF77215F1DE8"},"distribution":{"make_chrome_default_for_user":true},"dns_prefetching":{"host_referral_list":[2,["hxxp://contentcache-a.akamaihd.net/",["hxxp://i.trkjmp.com/",0.7254856331277335,"hxxp://secure.trusted-serving.com/",1.442460635370944]],["hxxp://d.agkn.com/",["hxxp://b3.mookie1.com/",0.990284415120,"hxxp://d.agkn.com/",1.134171894240,"hxxp://idsync.rlcdn.com/",1.134171894240,"hxxp://p.acxiom-online.com/",0.990284415120,"hxxp://r.nexac.com/",0.990284415120,"hxxp://su.addthis.com/",0.990284415120,"hxxp://t.mookie1.com/",0.990284415120]],["hxxp://driversdownloading.org/",["hxxp://aa.static.facdn.com/",2.27338020,"hxxp://contentcache-a.akamaihd.net/",4.585621599999999,"hxxp://driversdownloading.org/",8.549463999999997,"hxxp://edge.easyinline.com/",4.585621599999999,"hxxp://edge.omnitwig.com/",2.93402060,"hxxp://ib.adnxs.com/",2.60370040,"hxxp://optimizedby.brealtime.com/",2.60370040,"hxxp://partners.cltrda.com/",2.27338020,"hxxp://srv.purpleflag.net/",2.27338020,"hxxp://www.superfish.com/",2.93402060]],["hxxp://driversdownloadnow.com/",["hxxp://aa.static.facdn.com/",2.93402060,"hxxp://contentcache-a.akamaihd.net/",4.585621599999999,"hxxp://driversdownloadnow.com/",8.549463999999997,"hxxp://edge.easyinline.com/",4.255301399999999,"hxxp://edge.jeetyetmedia.com/",2.60370040,"hxxp://i.trkjmp.com/",2.27338020,"hxxp://level3cdn.brandaffinity.net/",2.27338020,"hxxp://s.nsdsvc.com/",2.60370040,"hxxp://srv.purpleflag.net/",2.27338020,"hxxp://www.superfish.com/",3.924981199999999]],["hxxp://edge.jeetyetmedia.com/",["hxxp://cache.static.pulse360.com/",2.93402060,"hxxp://content.pulse360.com/",2.27338020,"hxxp://openx.jeetyetmedia.com/",2.60370040,"hxxp://service.blankbase.com/",0.4313678912262720,"hxxp://static.pulse360.com/",2.60370040]],["hxxp://edge.omnitwig.com/",["hxxp://edge.omnitwig.com/",1.003593299380787]],["hxxp://h10025.www1.hp.com/",["hxxp://contentcache-a.akamaihd.net/",3.594660999999999,"hxxp://contentserv.brandaffinity.net/",2.60370040,"hxxp://di106.shopping.com/",2.27338020,"hxxp://h10025.www1.hp.com/",11.52234580,"hxxp://i.trkjmp.com/",2.27338020,"hxxp://image13.bizrate-images.com/",2.27338020,"hxxp://level3cdn.brandaffinity.net/",2.27338020,"hxxp://s.nsdsvc.com/",2.60370040,"hxxp://www.superfish.com/",3.924981199999999,"hxxps://siteintercept.qualtrics.com/",2.27338020]],["hxxp://ib.adnxs.com/",["hxxp://ad.yieldmanager.com/",1.320604615120,"hxxp://ads.cpxinteractive.com/",0.990284415120,"hxxp://adserving.cpxinteractive.com/",0.990284415120,"hxxp://b.scorecardresearch.com/",1.320604615120,"hxxp://c.betrad.com/",1.853609289840,"hxxp://cdn.adnxs.com/",2.27338020,"hxxp://ib.adnxs.com/",1.320604615120,"hxxp://l.betrad.com/",0.990284415120,"hxxp://view.atdmt.com/",1.134171894240,"hxxp://webmedia.hrblock.com/",1.134171894240]],["hxxp://partners.cltrda.com/",["hxxp://partners.cltrda.com/",3.924981199999999]],["hxxp://secure.trusted-serving.com/",["hxxp://b.scorecardresearch.com/",2.60370040,"hxxp://cdn.udmserve.net/",2.27338020,"hxxp://cm.ac3.msn.com/",2.27338020,"hxxp://d.agkn.com/",2.60370040,"hxxp://gzip.udmserve.net/",2.27338020,"hxxp://ib.adnxs.com/",2.60370040,"hxxp://m.adnxs.com/",2.27338020,"hxxp://p.trusted-serving.com/",2.27338020,"hxxp://pixel.quantserve.com/",2.27338020,"hxxp://r.openx.net/",2.27338020]],["hxxp://tags.bluekai.com/",["hxxp://aidps.atdmt.com/",0.9055755703462719,"hxxp://d.p-td.com/",0.9055755703462719,"hxxp://d.turn.com/",0.9055755703462719,"hxxp://segment-pixel.invitemedia.com/",0.9055755703462719,"hxxp://tags.bluekai.com/",0.9055755703462719]],["hxxp://toolbar.utorrent.com/",["hxxp://127.0.0.1:10000/",0.5755544662414406,"hxxp://127.0.0.1:10015/",0.5482521969413654,"hxxp://127.0.0.1:10078/",0.5472692043822317,"hxxp://127.0.0.1:10231/",0.5472692043822317,"hxxp://127.0.0.1:10516/",0.07306152526223173,"hxxp://127.0.0.1:10975/",0.08338891513460904,"hxxp://toolbar.utorrent.com/",5.230765291082160]],["hxxp://view.atdmt.com/",["hxxp://ib.adnxs.com/",2.27338020,"hxxp://spe.atdmt.com/",2.27338020]],["hxxp://webmedia.hrblock.com/",["hxxp://b.scorecardresearch.com/",2.27338020,"hxxp://webmedia.hrblock.com/",3.594660999999999,"hxxps://d.p-td.com/",2.27338020]],["hxxp://www.domain-searches.com/",["hxxp://contentserv.brandaffinity.net/",2.27338020]],["hxxp://www.google.com/",["hxxp://api.yontoo.com/",2.27338020,"hxxp://clients1.google.com/",2.27338020,"hxxp://contentserv.brandaffinity.net/",2.27338020,"hxxp://edge.buzzdock.com/",2.60370040,"hxxp://edge.jeetyetmedia.com/",2.60370040,"hxxp://ssl.gstatic.com/",2.27338020,"hxxp://www.google.com/",5.768167915999998]],["hxxp://www.lnksr.com/",["hxxp://api.yontoo.com/",2.27338020,"hxxp://contentcache-a.akamaihd.net/",2.27338020,"hxxp://contentserv.brandaffinity.net/",2.27338020,"hxxp://srv.purpleflag.net/",2.27338020]],["hxxp://www.socialgrowthtechnologies.com/",["hxxp://ajax.googleapis.com/",0.5851021449644205,"hxxp://api.conduit.com/",0.5902826784861187,"hxxp://c247723.r23.cf1.rackcdn.com/",0.5851021449644205,"hxxps://searchjs.s3.amazonaws.com/",1.169602514279164]],["hxxp://www.superfish.com/",["hxxp://www.superfish.com/",1.342758467318417]],["hxxp://www.uncoverinfo.com/",["hxxp://contentserv.brandaffinity.net/",2.27338020]],["hxxp://www.uncoverthenet.com/",["hxxp://aa.static.facdn.com/",2.93402060,"hxxp://ajax.googleapis.com/",4.255301399999999,"hxxp://contentcache-a.akamaihd.net/",3.594660999999999,"hxxp://edge.easyinline.com/",4.255301399999999,"hxxp://edge.omnitwig.com/",4.255301399999999,"hxxp://i.trkjmp.com/",2.27338020,"hxxp://js.myinfotopia.com/",2.27338020,"hxxp://optimizedby.brealtime.com/",2.60370040,"hxxp://partners.cltrda.com/",2.27338020,"hxxp://www.superfish.com/",2.93402060]],["hxxps://hpsupport.qualtrics.com/",["hxxps://a248.e.akamai.net/",3.264340799999999]],["hxxps://remote.bittorrent.com/",["hxxps://api.mixpanel.com/",2.457556104889546,"hxxps://remote.bittorrent.com/",6.822469186708291,"hxxps://ssl.google-analytics.com/",2.457556104889546]]],"startup_list":[1,"hxxp://alert.services.conduit.comalerts/","hxxp://api.yontoo.com/","hxxp://contextmenu.toolbar.conduit-services.com/","hxxp://ip2location.conduit-services.com/","hxxp://login.toolbar.conduit-services.com/","hxxp://newtab.settings.conduit-services.com/","hxxp://servicemap.conduit-services.com/","hxxp://settings.toolbar.search.conduit.com/","hxxp://translation.toolbar.conduit-services.com/","hxxp://www.google.com/"]},"download":{"directory_upgrade":true,"extensions_to_open":""},"extensions":{"alerts":{"initialized":true},"autoupdate":{"last_check":"13004602551907399","next_check":"13004619723584399"},"blacklistupdate":{"lastpingday":"13004524805343399","version":"0.0.0.139"},"chrome_url_overrides":{"bookmarks":["chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html"],"newtab":["chrome-extension://dknkjnkhedbanphkkpbpcgoblmkbfhlf/Search/NewTabPages/html/new_tab.html","chrome-extension://ndibdjnfmopecpmkdieinmbadjfpblof/content/redirect.html"]},"last_chrome_version":"24.0.1312.57","settings":{"aakhlmakppmkkmfkoibponkmmpgpmjgl":{"blacklist":true},"aandpgohbohmlknpjbblpmoladhoochg":{"blacklist":true},"abciiempgohamehppammbkhkicmkgkob":{"blacklist":true},"abfclfmhaemoockhhinpplncjehfpdbd":{"blacklist":true},"acmpfcamncegnhjdeiodgilikjafcamg":{"blacklist":true},"acomnmbomlajgjbcijkflekoojdfcldj":{"blacklist":true},"aconhjfogglfnkjhkjipaifepjklolog":{"blacklist":true},"aebfkgcamgnimcbnbiopgdakknjgggnm":{"blacklist":true},"aemcjbfajnnmhblifaejadoecfoaebld":{"blacklist":true},"afenhmponmfmdmbmccbmglppcmjhmhmh":{"blacklist":true},"aglmapjbjphdidmnileogpjkgpdoliep":{"blacklist":true},"agmhonoepgcnakccfpidhjehlocaeaaj":{"blacklist":true},"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["appNotifications","management","webstorePrivate"]},"app_launcher_index":-2,"app_launcher_ordinal":"h","page_index":0,"page_ordinal":"n"},"ahjfgnikolodijnpakeknpilnemojlhc":{"blacklist":true},"aieglpnmmhleoenpbmfaffppfomgjmba":{"blacklist":true},"aieihijcjcccdiepockaiekhpflicdii":{"blacklist":true},"aifmjmboebdkdelpjenakhaodgneempp":{"blacklist":true},"ajlkjjdbgcjdiklbcomhnfghjigfccoh":{"blacklist":true},"akadaakimgegecohlifeejdnnjbnobop":{"blacklist":true},"akbdojiajlefghcdclgkgmbbljamgehd":{"blacklist":true},"alcbnnpmipohgdllkkglhkbncijplago":{"blacklist":true},"aldalonecchncedclgcndcndgilaclnk":{"blacklist":true},"alfahpoknocfdebmiclonikapcnljlob":{"blacklist":true},"aljdncnajablgppdcfbehhmidlmbndda":{"blacklist":true},"amfgdngndpfldigimkcindjalokfnmem":{"blacklist":true},"amoobcjlpgloocplpikcldcpjjdnoeii":{"blacklist":true},"anmjpohfnlopdfaojooicpemopnliimn":{"blacklist":true},"aofechiiopolnegcjcddgedjabmkemhf":{"blacklist":true},"aojicjocmihiopalnhjikigammkhgckb":{"blacklist":true},"apdebchnkegjokdjplmfmepcdgneemhe":{"blacklist":true},"apdmgffkfhjfeejmbjidennfjdkmmmbl":{"blacklist":true},"aphncaagnlabkeipnbbicmcahnamibgb":{"blacklist":true},"bandboadndbkchlpicmfkpoedgnocblf":{"blacklist":true},"bcddmcejgphfgofbpoocakaeapfomlek":{"blacklist":true},"bdgijcibmhjjccgbdohofncdjcophknj":{"blacklist":true},"benclngoadbppljglhphhnfknoppmjoa":{"blacklist":true},"bhdkpmneahdelgdgfhddianklldfoell":{"blacklist":true},"bhmahaiplmeodpakkcchmolaihbhkpdl":{"blacklist":true},"bilgncckogfgfipdlejkffnbkgjkmflh":{"blacklist":true},"bioeopenmokdgbekbgpgnacecjmpckbb":{"blacklist":true},"bjihddggcgnblgojnmhpnngonofbnkaj":{"blacklist":true},"bkhafliomebnpccanacmlfaemgfiofko":{"blacklist":true},"bkkchglolnigbfncnbnnbhhempjkdpkf":{"blacklist":true},"bkplhcigeaiiliajeehehiikokgocbhb":{"blacklist":true},"bldgnkigdcpgnbfehgbameigoohecdfl":{"blacklist":true},"blpcfgokakmgnkcojhhkbfbldkacnbeo":{"active_permissions":{"api":["appNotifications"]},"app_launcher_ordinal":"t","creation_flags":9,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["appNotifications"]},"install_time":"13003519853261200","lastpingday":"13004524804802399","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"hxxp://www.youtube.com/"},"web_content":{"enabled":true,"origin":"hxxp://www.youtube.com"}},"current_locale":"en_US","default_locale":"en","description":"The world's most popular online video community.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC/HotmFlyuz5FaHaIbVBhhL4BwbcUtsfWwzgUMpZt5ZsLB2nW/Y5xwNkkPANYGdVsJkT2GPpRRIKBO5QiJ7jPMa3EZtcZHpkygBlQLSjMhdrAKevpKgIl6YTkwzNvExY6rzVDzeE9zqnIs33eppY4S5QcoALMxuSWlMKqgFQjHQIDAQAB","name":"YouTube","permissions":["appNotifications"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"4.2.5"},"page_ordinal":"n","path":"blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.5_0","state":1,"was_installed_by_default":false},"bndahdijlcnncjbpammoedeapmlobllc":{"blacklist":true},"bnffnggkphadlnoopcoakdnkellnifjp":{"blacklist":true},"boaoagnmpennjoigkkmnjhecapibhfko":{"blacklist":true},"boclfockfmgcppbajihcgajhpggaakgl":{"blacklist":true},"bokkificjhapflinbdejegngffgkcgfe":{"blacklist":true},"caphkimknlmnhpjoneddiaakmcaajagb":{"blacklist":true},"cbbbpmlnlpnjojeplppgeilanlihoojg":{"blacklist":true},"cbbjhegipokkofhhicbckicchjpcpeni":{"blacklist":true},"cbhhdkemlehgodemcigfabmcdnohhhef":{"blacklist":true},"cbjlfaogacjpkplebfbijaakaifoflno":{"blacklist":true},"cdogaeccgljmkecjmoedambgiekkllij":{"blacklist":true},"cedclbokcakighlpbnbhfjffdjeihfdp":{"blacklist":true},"cekdjgnecpoooikhmceokdhojckkkhmh":{"blacklist":true},"cepfogmgfkddnllaopgknbdfkceejmhk":{"blacklist":true},"cfbdodejdeejbkffcmiaknpmojjeibpn":{"blacklist":true},"cfnfobbpdaccoljfahpmfjdmbfmmkeof":{"blacklist":true},"cfogpbanfnocakdckmgafapdlmclpiln":{"blacklist":true},"cgnegjfmdfenjojhjffejinpnpoglmlh":{"blacklist":true},"cgnkbnaiipmfbakpmhllalggoepniemh":{"blacklist":true},"cihlkpohodpdkdnfalhdkhhlhmhffmbe":{"blacklist":true},"cjhklhdjonhcohlacgggcbklpnldleck":{"blacklist":true},"cjohbbapkbkkhpohinffggbphnhoblea":{"blacklist":true},"ckckpgefkpjfopjppjfcikppehdhceah":{"blacklist":true},"ckphhghhpjbfddcgkpfbelfeojcciglo":{"blacklist":true},"clapnamcglekekmamicmbahkghdcjaeh":{"blacklist":true},"clfhanhcjmgjnbpjfopldmnabimhmcmp":{"blacklist":true},"cmjphjljejnfgdbkdgdlclaabimpknna":{"blacklist":true},"cmlokmkdolieoaoddlfhaidnlmiadhik":{"blacklist":true},"cnimdnlablahacgompaahbgohcokcclp":{"blacklist":true},"coajchbkdbfhmhbgcjepiofllfjjcpfp":{"blacklist":true},"coobgpohoikkiipiblmjeljniedjpjpf":{"app_launcher_ordinal":"n","creation_flags":9,"from_bookmark":false,"from_webstore":true,"install_time":"13003519860484200","lastpingday":"13004524804802399","location":1,"manifest":{"app":{"launch":{"web_url":"hxxp://www.google.com/webhp?source=search_app"},"urls":["*://www.google.com/search","*://www.google.com/webhp","*://www.google.com/imgres"]},"current_locale":"en_US","default_locale":"en","description":"The fastest way to search the web.","icons":{"128":"128.png","16":"16.png","32":"32.png","48":"48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIiso3Loy5VJHL40shGhUl6it5ZG55XB9q/2EX6aa88jAxwPutbCgy5d9bm1YmBzLfSgpX4xcpgTU08ydWbd7b50fbkLsqWl1mRhxoqnN01kuNfv9Hbz9dWWYd+O4ZfD3L2XZs0wQqo0y6k64n+qeLkUMd1MIhf6MR8Xz1SOA8pwIDAQAB","name":"Google Search","update_url":"hxxp://clients2.google.com/service/update2/crx","version":"0.0.0.19"},"page_ordinal":"n","path":"coobgpohoikkiipiblmjeljniedjpjpf\\0.0.0.19_0","state":1,"was_installed_by_default":false},"copjbedljgpkaakkmbhgkpoaadeahido":{"blacklist":true},"cpiiakoibaohkfoaijaigdnocfolnmll":{"blacklist":true},"dadcalgappognjbjpalfophhcfakoeac":{"blacklist":true},"danapgfidmepmcfbjjacceiaiiioieio":{"blacklist":true},"dbanhghadfmjndnjmmejdgfdmgidlbpm":{"blacklist":true},"dbiblcmlcgdjjbdpbmbcpineegngkiip":{"blacklist":true},"dbmdicehacbaohlockjgdglcobimmjkh":{"blacklist":true},"dejippphmhbpgckbhdidnjmdcpfccbaj":{"blacklist":true},"deocpjmfifplhepinpkmpinpnbiemfje":{"blacklist":true},"deonbedlmakdddidplniclflladdjoep":{"blacklist":true},"dfafokiagoiocidlpglcanjkcdbdnioi":{"blacklist":true},"dfoegfajplmijblljfancdapbdaopebb":{"blacklist":true},"dgaehaeahdegbdlenicbmkbakhdgoeml":{"blacklist":true},"dgcfmgdfbfbgcpbendbhbkfjppboebed":{"blacklist":true},"dgkemngdheppgohkjjelnkjmdeimmfml":{"blacklist":true},"dhclobcklknojliojkkclgjndemadnig":{"blacklist":true},"dibljdngacjhpccjckmlmeklpgjeinjd":{"blacklist":true},"digmihafmlfkgdbjjdgbcojghcgcoeoa":{"blacklist":true},"diinokaoicgobepmadnmedlhdfnpehcj":{"blacklist":true},"dinhjcapnfbffhiihdlnbdfjdjjfhcbk":{"blacklist":true},"djnahdkbfgnhgpakidinfonfcjbagkgp":{"blacklist":true},"dkhkecikbdfpoiopnnpoeglbdphgflmf":{"blacklist":true},"dknkjnkhedbanphkkpbpcgoblmkbfhlf":{"ack_external":true,"active_permissions":{"api":["bookmarks","contextMenus","cookies","geolocation","history","idle","management","notifications","tabs","unlimitedStorage","webNavigation","webRequest","webRequestBlocking","webRequestInternal"],"explicit_host":["chrome://favicon/*","hxxp://*/*","hxxps://*/*"],"scriptable_host":["hxxp://*/*","hxxp://cap1.conduit-apps.com/Apps/jdownloader/jdController.html*","hxxps://*/*","hxxps://cap1.conduit-apps.com/Apps/jdownloader/jdController.html*"]},"creation_flags":1,"from_bookmark":false,"from_webstore":false,"install_time":"13003519834069200","lastpingday":"13004524804802399","location":3,"manifest":{"background_page":"Controller.html","browser_action":{"default_icon":"icon.png","default_title":"BitTorrentControl_v12 Community Toolbar","popup":"js/popup/view/popup.html"},"chrome_url_overrides":{"newtab":"Search/NewTabPages/html/new_tab.html"},"content_scripts":[{"all_frames":false,"js":["js/everypage_early.js"],"matches":["hxxp://*/*","hxxps://*/*"],"run_at":"document_start"},{"all_frames":true,"js":["js/clicksHandler.js"],"matches":["hxxp://*/*","hxxps://*/*"],"run_at":"document_start"},{"all_frames":false,"js":["js/compatibility/compatibility.start.js","js/compatibility/match.sb.js","js/compatibility/compatibility.start.sb.js"],"matches":["hxxp://*/*","hxxps://*/*"],"run_at":"document_start"},{"all_frames":true,"css":["css/ctbmain.css"],"js":["js/contentScript.js","js/API/component/view/BrowserCompApi.js","js/compatibility/compatibility.end.js"],"matches":["hxxp://*/*","hxxps://*/*"],"run_at":"document_end"},{"all_frames":true,"js":["js/jdAPIext.js"],"matches":["hxxp://cap1.conduit-apps.com/Apps/jdownloader/jdController.html*","hxxps://cap1.conduit-apps.com/Apps/jdownloader/jdController.html*"],"run_at":"document_end"},{"all_frames":true,"css":["css/ctbmain.css"],"matches":["hxxp://*/*","hxxps://*/*"],"run_at":"document_end"}],"description":"Delivers all our best apps to your browser.","icons":{"128":"634220815653506250.png","16":"634220815653506250.png","48":"634220815653506250.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClrq250Jp50wu0w1suCgzoadUOq/Bm6cdXqBtfkDkaQ07QOj0LpJ7ehtqHlgv23qhAkzyJRlBXpibwNvxV38kkgmFe2d9mjXMf5sxzBoBSFdxfU4+IjJsBOVwnq62aHMrcSaiPUvLUQJeOmEZ6Zyy10iGzSOYF4+IKO4ThvYb4IwIDAQAB","name":"BitTorrentControl_v12","options_page":"options.html","permissions":["tabs","hxxp://*/*","hxxps://*/*","notifications","management","unlimitedStorage","bookmarks","contextMenus","cookies","geolocation","history","idle","webRequest","webRequestBlocking","webNavigation","chrome://favicon/*"],"update_url":"hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT3225826&amp;extensionData=&lt;extension_data&gt;","version":"2.3.18.20"},"path":"dknkjnkhedbanphkkpbpcgoblmkbfhlf\\2.3.18.20_0","state":1,"was_installed_by_default":false},"dlobhinihbmedmheccecfnkcadpehmbf":{"blacklist":true},"dmabikjmolgegjajdhmgpmgffajlmmkb":{"blacklist":true},"dmhgenmamfphbclmhdgmffajkfommkom":{"blacklist":true},"dmhjdbigobajgnfoabodjgmcdgoeoljm":{"blacklist":true},"dmkdhgkknhnfpdjeicefnpmhcpbimden":{"blacklist":true},"dnemhlkdpajbbniphgkgceplmnkfnhfo":{"blacklist":true},"doneghboglgnflpdicnkaojmmljgejkj":{"blacklist":true},"dpaphgcjeeochbiafgbochohgmpcmlbj":{"blacklist":true},"dpgenihgggagjjggfocjceeobjkadcbc":{"blacklist":true},"dpmloehicimdjkibmobhmpgdndgbcced":{"blacklist":true},"ebdcdchjcndpjhehacedepnggfdbfkpn":{"blacklist":true},"echjhfifjidfhoappglfmoffcpmpkigb":{"blacklist":true},"echngajnlpjeacbanjejlhcajjfoedcc":{"blacklist":true},"ecinfbhalenfhdhnljmkglajfjjfehoj":{"blacklist":true},"edmnikahahfkfilbbjbdoiabnghbkmjc":{"blacklist":true},"efbeabpbbkahnnjalakldjfhljboclkf":{"blacklist":true},"efhjelcghjkfigiagdfbfilndaffpmdj":{"blacklist":true},"efnaljpgehfilpmkhobibbjceeeondmn":{"blacklist":true},"egljdhfnbjahogjahnigfnbpidlmdagi":{"blacklist":true},"ehgoiaffgjoinpkllmmnikghgpghnabc":{"blacklist":true},"ehmjnpjodmgeocfphkjjnheiheehcoid":{"blacklist":true},"ehomcoocpagnlcakcbecdaknmacmedld":{"blacklist":true},"eiflkkehgogioennialfbilppmegcpoa":{"blacklist":true},"eihjeehdobnpkonebmpanonopghepfle":{"blacklist":true},"eijbdinddjecmebnlienfoijpjjobkjh":{"blacklist":true},"ejakhnjbomgngodiidgbkapjgbdckhnh":{"blacklist":true},"ejijgghlncnaphklndknkbkclebfboca":{"blacklist":true},"ejlekamipdcfcfpgfepjmklllbpeecaj":{"blacklist":true},"elcaigjcaijbfpjngaekbblphmfjdhfo":{"blacklist":true},"emcdpbapjmnjgoannclkongdfboaabho":{"blacklist":true},"eofejpelggimkodeojpeojnbijgiglgh":{"blacklist":true},"eopmhecjnginkckggjmhombbopmkjpam":{"blacklist":true},"epbmnbdplhcomkedpjfceakddnbgfjmf":{"blacklist":true},"fafoohpbicgbcejffcplajonhhooddle":{"blacklist":true},"fbhiehmngojjcmljddjmgpmcockbccmo":{"blacklist":true},"fbjjhbijaiopkcdolheliknnjlkaekeb":{"blacklist":true},"fcfepemfihgibdacjlnlecebknaaepmj":{"blacklist":true},"fclheclkknbgfndeahkfdomollhmfkcn":{"blacklist":true},"ffgfbfakpcnngelphjnppokmoicdollk":{"blacklist":true},"fhlkffpjoajppmhcakbkjndbjfljccpi":{"blacklist":true},"fiapkdjniadkodmdibdnchoifkpfoiid":{"blacklist":true},"fibgploapkhokkbncddlkcmbmiengcfp":{"blacklist":true},"fihepkmlkmciffbhijldnpmifhbkiinp":{"blacklist":true},"fiiblakkkkgeljngobmpeljjapemenhi":{"blacklist":true},"fjhfnfakmfcejgmfkmnapemgblmehppf":{"blacklist":true},"fjjeecfjmgfnleghoellhldedkaocjfc":{"blacklist":true},"fleljamdchegbjeiipbnmiebnhgheeld":{"blacklist":true},"flmmgcfcpbfddenepkfmgfpbaceolcoe":{"blacklist":true},"fmcccidacjgnfiafddkngmeolkoiihil":{"blacklist":true},"fmonlemffgbabjifjfaoamdflijecdbk":{"blacklist":true},"fngolbdmkneakeaoiieafkilnogbocda":{"blacklist":true},"fnhcgnmfccojojojacgeiaaeacefdohb":{"blacklist":true},"fnkaadkanmfgpfbmdcllhjdgmdbgljpi":{"blacklist":true},"fnnmbghphdnmmjdapccfobgjemjadeli":{"blacklist":true},"fnoadkjdjfgafomgmablhmffooijcfbn":{"blacklist":true},"foenbafkkmajnmfnlcmejonkfaipdmme":{"blacklist":true},"fomljmklmcefndkgpakgifbiiidgbjej":{"blacklist":true},"fommcgokigkhmnhlhlkckfjhefnmfohd":{"blacklist":true},"fopgndklnkecillfbdmfknhmadmenikm":{"blacklist":true},"fpbippbofbmgmbojjmgfcifpmdaelcmd":{"blacklist":true},"fpbkafpphnhlpakobppekmkebmbhkoco":{"blacklist":true},"fpjdackpllilinpkgmhkpidkanmccblc":{"blacklist":true},"fpmajanjndhgpifbcbnklbiehgnpkgmf":{"blacklist":true},"fpoajjnnpmledpmohlgpgbmlhbgkgahg":{"blacklist":true},"fpokembamndopkflopmplkklbdngnknd":{"blacklist":true},"gaicmfjflflabagobdiodejfpjikheeo":{"blacklist":true},"gandihaiobadcggbfkhpbkocmiemjlnf":{"blacklist":true},"gbenikfjhilhpgagllmfgggdjaflbmbi":{"blacklist":true},"gchbiabnbdikkgfhnkclecjncojnkmhb":{"blacklist":true},"gdggdkkjecogagaffaemnbfmllcoihjp":{"blacklist":true},"gekkhpjigmckhgmgngadbeknekgpgolb":{"blacklist":true},"gfjfhihpkmehdmblhfaikkipeplpdcla":{"blacklist":true},"gfmmoiakbmdohkgeoekiokjgljcminig":{"blacklist":true},"ggkpicnfnljflddbdoeeaajjgepapcbf":{"blacklist":true},"ghgphbmpcfgkfneodjpbdanmdoemklio":{"blacklist":true},"ghmaokcegalalefnhlfcnjhnpdbanjkj":{"blacklist":true},"gifglngcdbggmlgkcombebegdaoknkho":{"blacklist":true},"gjkbghdignnlcknknflbigpammebiolo":{"blacklist":true},"gjmhdmobkhfhkpfmfegnkkimlamjdldi":{"blacklist":true},"gkhbgnodbilglgholifcjdblbgdaieah":{"blacklist":true},"gkjeccpmibljcfpfapfljciimedljpnm":{"blacklist":true},"gkjmgdpdndoaiholejnmdbbpdaafahmm":{"blacklist":true},"glhhlafadlhkgbklgbjnmblfhnkfknbm":{"blacklist":true},"gmghjgfdialcnhadahmjefeflgnhcjeb":{"blacklist":true},"gnapdhmknipknfmhhnhdmhakdfhgeing":{"blacklist":true},"gncfgndgeoddelbfhlndhljnecoednaa":{"blacklist":true},"gngmkbiihflpghldjnbpemaicedhdddk":{"blacklist":true},"gobjcjhhebpjbmjdgmejhebbleadnceo":{"blacklist":true},"goedioiidkokkbobdnopnlnaaalniegm":{"blacklist":true},"gpgehbjbkfhngdlfpfeokjgbkmmokjhe":{"blacklist":true},"gplgjmecjpbfcdikpbicknafcnfcidek":{"blacklist":true},"hbaajkahagmlkdekmbdabikbopdgpaac":{"blacklist":true},"hbdhabpmbbanaopgkbaondabkkepjfaf":{"blacklist":true},"hbmlheccjkodhfejcmblndjodllmnlnl":{"blacklist":true},"hcapokajkngndbglnfglpfdpoeidmpha":{"blacklist":true},"hcpndbchnlgojmnijaldkicigmihmdca":{"blacklist":true},"hdijkiondgomjpehfhopomicjbiodmcm":{"blacklist":true},"hdnbmmfjbblajkjkcaeofolgfnljpnim":{"blacklist":true},"hecijapnccjhonbmacmkmffooodfokoo":{"blacklist":true},"hefmoncdemhjembgbnkgglhlookbipdc":{"blacklist":true},"hfcgbiofoebieldldghfocjfnnajmpej":{"blacklist":true},"hfjpjodbolkmheaehcnmfhjakjileoof":{"blacklist":true},"hfpfbhnmbbigpmoodjemilggabklpopj":{"blacklist":true},"hgbaomphocgmdpmiohjclchaaljpaelp":{"blacklist":true},"hgboiaecclcbjphldpbgfgggcbihmnai":{"blacklist":true},"hgjgaeknhmidehalnmokomhpfhbfmpcm":{"blacklist":true},"hhbihfbjoifhhebcnchglobmkmapgjkm":{"blacklist":true},"hhfffemhgkginfafaoapljdllodppana":{"blacklist":true},"hhfiljkpjapjjphcocclhhaldpfkkjbi":{"blacklist":true},"hhjmkijkgojfifipdgmiemghfikbohcm":{"blacklist":true},"hhlgbfcfbkhlmajakkcjippgpcmejkko":{"blacklist":true},"hilncbjbdpnfepdidfchmdclhpnlegpj":{"blacklist":true},"hjkhligcnpfjhjlapmejaiaiigibofif":{"blacklist":true},"hjnigaibahdeadcdnpnommdehajodlhc":{"blacklist":true},"hkbgccpdcpbdckohbknjlamamelcnlki":{"blacklist":true},"hkjcejgfmaanpncnpoidgbhoikcaeepd":{"blacklist":true},"hkjfdgjkgpbbdmadbglcgljjjddkcdha":{"blacklist":true},"hmmoglffhpmacaacfbbmbbkcbdkjphnc":{"blacklist":true},"hnbcdmfeoldeppcbnnjmjkdofohaljbn":{"blacklist":true},"hncomkjbbkchfjelocejkbbflmjhlhfp":{"blacklist":true},"hnipgljcblpgnnojcfldehpeknhakbgj":{"blacklist":true},"hnkcpoijaeegompjgbjjhkdmljldaccg":{"blacklist":true},"hnnebfeppcbhhbhiifeaajgcjnkljlld":{"blacklist":true},"hnonhhpgjnjcjfbkjdpfbkfpaodcmncb":{"blacklist":true},"hpcdoodjfcmpcpkeendjnjkeinimhkih":{"blacklist":true},"hpibmhghjndideebpackbdlpncgkcppp":{"blacklist":true},"iablioliielnhdianpbiijaoncbmfend":{"blacklist":true},"iccblehkchfmjgfafjcpjlkjcponhdhl":{"blacklist":true},"icihfeaofpcfehanhbnjigdlpfahjlee":{"blacklist":true},"idbdlnkdnaodonmgnimcfelpngbmcpjk":{"blacklist":true},"iedogbkombgmapifenoojnmpcnjighfm":{"blacklist":true},"iemfpgbdjfoihicbocpbjppipdbfimeh":{"blacklist":true},"ifbkndkaolfbjjhnnhfmkbkoclpdkpli":{"blacklist":true},"ifeijfpkjckedpclgncedmgdiaoeahmk":{"blacklist":true},"igaajdmlejbjcbmpmnigopikfdaccdcm":{"blacklist":true},"igbaoknfddliiaoimhehfbkfekpmmfll":{"blacklist":true},"igghanohiioehififjoalfkdoicafjof":{"blacklist":true},"iggjepemmdkieakihpomccndhdfcljdp":{"blacklist":true},"igkdgkdiiolilocklmiolkpoohacojop":{"blacklist":true},"ihnembcpodnfgkafmiojebccomjekopm":{"blacklist":true},"iiiinekimabooeihccihfopoadcaaphn":{"blacklist":true},"ijecjbcgpblkacpijljpaienknanaloa":{"blacklist":true},"ijenlpgidnapbndonoinbkhekgjonojg":{"blacklist":true},"ijjmbbddenkbenbcfldgghhjgjmcnioo":{"blacklist":true},"ilhjicgcglhjigdehkcehjdokmkahbjl":{"blacklist":true},"iljfgjkppapinhcgonhjnipfppfmfedh":{"blacklist":true},"ilmknaabackgdbnkgbihgpgiopnlkjek":{"blacklist":true},"imfbomjbodpfgfhfahlgkkcllmhbelhk":{"blacklist":true},"imkffpjpdngdkpgadcmnlkhhmhdocijn":{"blacklist":true},"indfhnliadamglhalanplbajgenpjdml":{"blacklist":true},"iobnpmeeecphddicmhhmdjbnlbdhjlne":{"blacklist":true},"iomejadoamfilglofmeaffghddcgapmf":{"blacklist":true},"jabpdgllijbnknhkgjideeajfofafckp":{"blacklist":true},"jaejgaoiipdjjlbnapngknalafalbkej":{"blacklist":true},"jafnimahlamccccjbkhjjpeiipiedpik":{"blacklist":true},"janhdpmhnighonkkbkdpnljcoenpfkbh":{"blacklist":true},"jbfebbkjjmkcoldeaeelhpconkmgjhbg":{"blacklist":true},"jbmbiepnidbnhbbfdbgioomdkgnbcacj":{"blacklist":true},"jbnafcjbcfgejacaanogofkkehcomamp":{"blacklist":true},"jcmipejepoimfflnoapdmkdephgjinck":{"blacklist":true},"jddbdddmbfencninofcgnodekclofpaj":{"blacklist":true},"jdiakcmbpmcnniggjcmcjknnklpdlogc":{"blacklist":true},"jeehjhnmgohgpfpjneglogiholalkeip":{"blacklist":true},"jfalnphfjdoalcdhlnhdpekbmmopkgkj":{"blacklist":true},"jfhmafmjfdblceidmfdmoihamolaaeco":{"blacklist":true},"jfjagidcpadkoaonbogmbgfimmnefeie":{"blacklist":true},"jgdkappiifgomhgikcjbanhnmlekpeje":{"blacklist":true},"jgmpapdckakiohhebmeoemejibommimi":{"blacklist":true},"jgoljhcbgajhbhnchplgjdkknendhjnn":{"blacklist":true},"jhhabiomopkibeecgngiggmopkeofacl":{"blacklist":true},"jindbcpkhnnnjgcjgmkjedbibibiojjf":{"blacklist":true},"jiofcofpcbijcnlpekdkpmgjdppajbjb":{"blacklist":true},"jjnkfllhcgkgnfbekpnmoikpfihpjfli":{"blacklist":true},"jkihmglffmfjedfbpbpdbbimcodjbmdh":{"blacklist":true},"jkmhalpofmlfeglboejbchpoijnkmcgh":{"blacklist":true},"jljfnkmkkdkppfndippkedacgfkafped":{"blacklist":true},"jmbkhogpjgjpfjhpdikloblkbkljkgao":{"blacklist":true},"jmeanodbelbflfmnkfdjgpikmldgjjko":{"blacklist":true},"jmfkcklnlgedgbglfkkgedjfmejoah
Logged
Pages: [1] 2 3   Go Up
  Print  
 
Jump to:  


Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2013, Simple Machines Valid XHTML 1.0! Valid CSS!