Jump to content


Photo
- - - - -

nativemessaging on chrome


  • Please log in to reply
9 replies to this topic

#1 x_breath_x

x_breath_x

    Member

  • Members
  • PipPipPip
  • 79 posts

Posted 17 January 2014 - 09:10 PM

hey sorry about my last topic. i had the computer traded. i just figured itd be easier. however this computer has some slike problems. i dont know why maybe its something ive downloaded.

 

the hijackthis didnt work agan so ive done a scan with otl.

here is the otl.txt first and then extras.txt

 

 

 

 

OTL logfile created on: 1/17/2014 8:40:40 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Kaila\Desktop
 Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1013.09 Mb Total Physical Memory | 531.36 Mb Available Physical Memory | 52.45% Memory free
3.10 Gb Paging File | 1.08 Gb Available in Paging File | 35.01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 219.79 Gb Total Space | 163.52 Gb Free Space | 74.40% Space Free | Partition Type: NTFS
 
Computer Name: JOHN | User Name: Kaila | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/01/17 20:38:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kaila\Desktop\OTL.exe
PRC - [2013/12/20 19:14:09 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/12/20 19:14:09 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/09/27 21:41:39 | 001,734,680 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe
PRC - [2013/02/05 12:10:48 | 000,581,624 | ---- | M] (NTI Corporation) -- C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZtray.exe
PRC - [2013/02/05 12:10:46 | 000,046,072 | ---- | M] (NTI Corporation) -- C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
PRC - [2012/11/22 20:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/10/02 12:45:22 | 000,120,728 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012/10/02 12:41:02 | 000,694,168 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2011/10/18 16:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe
PRC - [2011/10/18 16:28:34 | 000,160,608 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
PRC - [2011/09/02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/12 00:24:10 | 001,602,344 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe
PRC - [2010/11/12 00:24:08 | 001,812,264 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2010/08/10 03:06:16 | 000,975,952 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2010/08/10 03:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\dsiwmis.exe
PRC - [2010/08/10 03:06:16 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LMworker.exe
PRC - [2010/06/11 16:28:06 | 000,715,296 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
PRC - [2010/06/11 16:28:02 | 000,735,776 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
PRC - [2010/06/11 16:27:54 | 000,469,536 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
PRC - [2010/03/11 00:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec IPS\PmmUpdate.exe
PRC - [2010/03/11 00:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec IPS\EgisUpdate.exe
PRC - [2010/01/29 18:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2010/01/28 18:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/01/08 07:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Registration\GREGsvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/12/20 19:14:12 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/02/05 12:11:18 | 000,465,824 | ---- | M] () -- C:\Program Files\NTI\NTI Backup Now EZ\sqlite3.dll
MOD - [2012/10/02 12:41:02 | 000,694,168 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012/08/27 23:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 23:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/05/20 00:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files\Launch Manager\CdDirIo.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013/12/20 19:14:09 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/12/13 19:20:00 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/27 21:41:39 | 001,734,680 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe -- (vToolbarUpdater17.0.1)
SRV - [2013/05/26 22:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/02/05 12:10:46 | 000,046,072 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe -- (NTI BackupNowEZSvr)
SRV - [2012/10/02 12:45:22 | 000,120,728 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2011/10/18 16:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe -- (mfevtp)
SRV - [2011/10/18 16:28:34 | 000,160,608 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2011/10/18 16:28:18 | 000,166,288 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/09/02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/08/10 03:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/06/11 16:28:02 | 000,735,776 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010/05/26 21:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/01/29 18:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010/01/28 18:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010/01/08 07:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Registration\GREGsvc.exe -- (GREGService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motusbdevice.sys -- (motusbdevice)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Motousbnet.sys -- (Motousbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motswch.sys -- (MotoSwitchService)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motccgpfl.sys -- (motccgpfl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motccgp.sys -- (motccgp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motfilt.sys -- (BTCFilterService)
DRV - [2013/12/20 19:14:56 | 000,064,168 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2013/12/20 19:14:16 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/12/20 19:14:16 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/12/20 19:14:16 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/12/20 19:14:16 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013/12/20 19:14:16 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/12/20 19:14:16 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2012/08/23 08:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 08:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/03/26 16:50:12 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2011/10/15 15:16:16 | 000,464,176 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/10/15 15:16:16 | 000,338,176 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/10/15 15:16:16 | 000,180,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/10/15 15:16:16 | 000,165,680 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2011/10/15 15:16:16 | 000,121,256 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/10/15 15:16:16 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/10/15 15:16:16 | 000,064,880 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2011/10/15 15:16:16 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011/10/15 15:16:16 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/12/03 00:30:44 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010/11/20 03:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/08/24 03:55:52 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010/07/15 15:57:36 | 001,906,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010/06/17 00:50:38 | 000,082,768 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EUCR6SK.sys -- (EUCR)
DRV - [2009/07/13 17:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/06/02 21:15:40 | 000,060,976 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2009/06/02 21:15:38 | 000,016,432 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2009/06/02 21:15:34 | 000,018,992 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV - [2008/05/06 17:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmood...ults.php?f=4&q={searchTerms}&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1Qzuzzzzzy0F0F0AtDyDtByB0FyBtA0ByE0EtN0D0Tzu0CtByEyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=672521081
IE - HKLM\..\SearchScopes\{507E350E-949D-BB7D-314C-7539CF247C38}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}: "URL" = http://dts.search.as...pn_ptnrs=AGE&q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...740855134406&q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweeti...ch.asp?src=6&q={searchTerms}&crg=3.1010000.10005
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://acer.msn.com
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.findwide.com/?guid={FAD49E06-D413-4B08-8349-8A71DBFA0C8C}&serpv=22
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosear...115076&tsp=5114
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/...earchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/...earchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\..\URLSearchHook: {96f454ea-9d38-474f-b504-56193e00c1a5} - SOFTWARE\Classes\CLSID\{96f454ea-9d38-474f-b504-56193e00c1a5}\InprocServer32 File not found
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...earchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmood...ults.php?f=4&q={searchTerms}&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1Qzuzzzzzy0F0F0AtDyDtByB0FyBtA0ByE0EtN0D0Tzu0CtByEyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=672521081
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_def&mntrId=AC9F929FFA0527F7&affID=115076&tsp=5114
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\..\SearchScopes\{18E7AACF-9B3E-46E8-8382-BAB463727B5E}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10743
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\..\SearchScopes\{2ED3B46A-A91C-47C9-92D7-3EF05BB5429B}: "URL" = http://www.mysearchr...?c=2652&t=01&q={searchTerms}
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\..\SearchScopes\{50349BBE-F1B2-4659-B85A-16401AF9064C}: "URL" = http://search.findwide.com/serp?guid={FAD49E06-D413-4B08-8349-8A71DBFA0C8C}&action=default_search&serpv=22&k={searchTerms}
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\..\SearchScopes\{6F47C78D-F91C-4A9E-9641-012D759138CA}: "URL" = http://search.condui...ultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN29404707102509210&UM=2
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={93571EB7-16F3-4270-AB3A-4EAC59A4339E}&mid=d70f5103086f47d0a7d443d6bce1ce04-b15497609ebbdddff297f5f09ac63dcb18fcd1a3&lang=en&ds=ft011&pr=sa&d=2012-10-14 16:15:50&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}: "URL" = http://dts.search.as...pn_ptnrs=AGE&q={searchTerms}
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...740855134406&q={searchTerms}
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\..\SearchScopes\{C8D1C99A-92F2-4AB8-9162-0449E1743972}: "URL" = http://us.yhs4.searc...570,0,0,6434&p={searchTerms}
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweeti...ch.asp?src=6&q={searchTerms}&crg=3.1010000.10005
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.*.*
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Kaila\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kaila\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kaila\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012/09/02 00:16:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}: C:\Program Files\PremierOpinion
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Babylon\Babylon-Pro\Utils\[email protected]
 
[2013/12/13 16:03:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kaila\AppData\Roaming\mozilla\Firefox\extensions
[2013/12/05 15:07:08 | 000,000,000 | ---D | M] (uTorrentControl_v6) -- C:\Users\Kaila\AppData\Roaming\mozilla\Firefox\extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}
[2013/12/31 22:07:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kaila\AppData\Local\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Kaila\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Kaila\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: npDefaultTabSearch plugin (Enabled) = C:\Users\Kaila\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.14_0\plugins/npDefaultTabSearch.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Kaila\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: uTorrentControl_v6 = C:\Users\Kaila\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.26.0.540_0\
CHR - Extension: uTorrentControl_v6 = C:\Users\Kaila\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.26.0.540_0\nativeMessaging\nmHost
CHR - Extension: Dark Vibe = C:\Users\Kaila\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkckeanhmkjaechlhllmapjaaglgpcbj\1.1_0\
CHR - Extension: ShopAtHome.com extension = C:\Users\Kaila\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmebkoiahbppacaicbgncnjhbpdfkcc\7.1.0.16_0\
CHR - Extension: avast! Online Security = C:\Users\Kaila\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_0\
CHR - Extension: avast! Online Security = C:\Users\Kaila\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: No name found = C:\Users\Kaila\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\
CHR - Extension: Google Wallet = C:\Users\Kaila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Bitdefender QuickScan = C:\Users\Kaila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.131_0\
CHR - Extension: uTorrentControl_v6 = C:\Users\Kaila\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.26.0.540_0\
CHR - Extension: uTorrentControl_v6 = C:\Users\Kaila\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.26.0.540_0\nativeMessaging\nmHost
CHR - Extension: Dark Vibe = C:\Users\Kaila\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkckeanhmkjaechlhllmapjaaglgpcbj\1.1_0\
CHR - Extension: ShopAtHome.com extension = C:\Users\Kaila\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmebkoiahbppacaicbgncnjhbpdfkcc\7.1.0.16_0\
CHR - Extension: avast! Online Security = C:\Users\Kaila\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_0\
CHR - Extension: avast! Online Security = C:\Users\Kaila\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: No name found = C:\Users\Kaila\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\
CHR - Extension: Google Wallet = C:\Users\Kaila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Bitdefender QuickScan = C:\Users\Kaila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.131_0\
 
O1 HOSTS File: ([2009/06/10 15:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (Music Box Toolbar (Dist. by iMesh, Inc.)) - {45177936-603b-4261-8d42-df6f7091d5d0} - C:\PROGRA~1\MUSICT~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll File not found
O2 - BHO: (MyWordTool) - {45470599-8237-486D-87B5-E89CD6AED154} - C:\Users\Kaila\AppData\Roaming\MyWordTool\temp.dat ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120112163500.dll (McAfee, Inc.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (uTorrentControl_v6 Toolbar) - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files\uTorrentControl_v6\prxtbuTor.dll File not found
O2 - BHO: (no name) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - No CLSID value found.
O2 - BHO: (Tidy Network) - {D8A98206-1249-3EBA-FB18-4ADF7ED746FD} - C:\Program Files\TidyNetwork\petn.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Music Box Toolbar (Dist. by iMesh, Inc.)) - {45177936-603b-4261-8d42-df6f7091d5d0} - C:\PROGRA~1\MUSICT~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll File not found
O3 - HKLM\..\Toolbar: (uTorrentControl_v6 Toolbar) - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files\uTorrentControl_v6\prxtbuTor.dll File not found
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\..\Toolbar\WebBrowser: (uTorrentControl_v6 Toolbar) - {96F454EA-9D38-474F-B504-56193E00C1A5} - C:\Program Files\uTorrentControl_v6\prxtbuTor.dll File not found
O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BackupNowEZtray] C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZtray.exe (NTI Corporation)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found
O4 - HKLM..\Run: [SBRegRebootCleaner] "C:\Program Files\Ad-Aware Antivirus\SBRC.exe" File not found
O4 - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000..\Run: [Facebook Update] C:\Users\Kaila\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000..\Run: [uTorrent] C:\Users\Kaila\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2509488165-3742344647-2209741551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.51.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15EAC838-19E9-4FA3-B6AC-CE7E9B30E965}: DhcpNameServer = 172.26.38.1 172.26.38.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A81087B2-589B-456F-8D51-F5A5BADAE6F1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B74E8B87-E008-4422-BD86-86D613D27F22}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (System