Infected with apype browser hacker virus

Discussion in 'Virus and Malware Removal' started by vicky279, Sep 18, 2012.

  1. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Please run OTL. Copy and paste the following in the Custom Scans/Fixes box:




    Then hit Run Fix!

    Post the fix log once done, and tell me if the problem remains.
  2. vicky279 Newcomer, in training Posts: 51

    The Firefox homepage still changes to apype dot com (shows in options) / starwebsearch dot com (shows in the address bar). There was a YuoTubeDownloader toolbar in IE that I noticed before running the OTL fix. At least that is now gone. Here are the logs.

    ========== OTL ==========
    Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{3d175337-41e3-48eb-a754-493577f658b9} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d175337-41e3-48eb-a754-493577f658b9}\ deleted successfully.
    C:\Windows\System32\YuoTubeDownloader.dll moved successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{289bd87f-a29f-41a5-88da-19d7a6531bf6}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{289bd87f-a29f-41a5-88da-19d7a6531bf6}\ not found.
    Prefs.js: "Custom search" removed from browser.search.defaultenginename
    Prefs.js: "http://www.gigabase.ru/search?clid=1&q=" removed from browser.search.defaulturl
    Prefs.js: "Custom search" removed from browser.search.selectedEngine
    Prefs.js: "http://apype.com" removed from browser.startup.homepage
    Prefs.js: "http://apype.com/results.php?q=" removed from keyword.URL
    C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\tabutils@ithinc.cn.xpi moved successfully.
    C:\Program Files\Mozilla Firefox\searchplugins\Custom search.xml moved successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d175337-41e3-48eb-a754-493577f658b9}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d175337-41e3-48eb-a754-493577f658b9}\ not found.
    File C:\Windows\System32\YuoTubeDownloader.dll not found.
    ADS C:\ProgramData\Temp:8331D35A deleted successfully.
    ADS C:\ProgramData\Temp:A5A1816B deleted successfully.
    ADS C:\ProgramData\Temp:054B9966 deleted successfully.
    ADS C:\ProgramData\Temp:0C6951A3 deleted successfully.
    ADS C:\ProgramData\Temp:ACC6783C deleted successfully.
    ADS C:\ProgramData\Temp:DFC5A2B2 deleted successfully.
    ADS C:\ProgramData\Temp:430C6D84 deleted successfully.
    ADS C:\ProgramData\Temp:0FF263E8 deleted successfully.
    ADS C:\ProgramData\Temp:CBD3E4DE deleted successfully.
    ADS C:\ProgramData\Temp:55B41E6A deleted successfully.
    ADS C:\ProgramData\Temp:EBC2DB92 deleted successfully.

    OTL by OldTimer - Version 3.2.66.0 log created on 09232012_151559
  3. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Open OTL, press the Quick Scan button, and post the log(s).
  4. vicky279 Newcomer, in training Posts: 51

    OTL logfile created on: 24-Sep-12 1:00:22 AM - Run 2
    OTL by OldTimer - Version 3.2.66.0 Folder = C:\Users\Vicky\Desktop
    Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy

    3.00 Gb Total Physical Memory | 2.09 Gb Available Physical Memory | 69.61% Memory free
    5.99 Gb Paging File | 4.78 Gb Available in Paging File | 79.81% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 53.62 Gb Total Space | 7.76 Gb Free Space | 14.47% Space Free | Partition Type: NTFS
    Drive D: | 89.63 Gb Total Space | 8.47 Gb Free Space | 9.45% Space Free | Partition Type: NTFS
    Drive E: | 58.64 Gb Total Space | 1.20 Gb Free Space | 2.04% Space Free | Partition Type: NTFS
    Drive F: | 30.89 Gb Total Space | 9.54 Gb Free Space | 30.90% Space Free | Partition Type: NTFS

    Computer Name: VICKY-PC | User Name: Vicky | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012-09-24 00:59:52 | 000,601,600 | ---- | M] (OldTimer Tools) -- C:\Users\Vicky\Desktop\OTL.exe
    PRC - [2012-09-17 22:41:17 | 000,458,752 | ---- | M] (ElectraSoft) -- C:\Program Files\ElectraSoft\mbc\MBC.EXE
    PRC - [2012-09-10 19:05:26 | 000,446,664 | ---- | M] () -- C:\Program Files\Comodo\IceDragon\icedragon_updater.exe
    PRC - [2012-08-31 19:32:03 | 002,754,984 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
    PRC - [2012-08-22 20:24:50 | 000,369,544 | ---- | M] (Bitsum Technologies) -- C:\Program Files\Process Lasso\ProcessGovernor.exe
    PRC - [2012-08-22 20:24:48 | 000,677,256 | ---- | M] (Bitsum Technologies) -- C:\Program Files\Process Lasso\ProcessLasso.exe
    PRC - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    PRC - [2012-07-30 10:48:16 | 001,518,504 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
    PRC - [2012-07-28 02:21:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2012-05-15 15:56:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    PRC - [2012-05-15 14:57:34 | 000,857,920 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    PRC - [2012-05-15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    PRC - [2012-03-28 23:47:48 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\nlssrv32.exe
    PRC - [2012-03-09 16:58:08 | 002,906,112 | ---- | M] (NeoSoft Tools) -- C:\Program Files\Chameleon Folder 2\chfolder.exe
    PRC - [2012-03-05 16:13:04 | 000,845,640 | ---- | M] (BinarySense, Inc.) -- C:\Program Files\Common Files\BinarySense\hldasvc.exe
    PRC - [2012-02-16 13:49:28 | 002,310,544 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
    PRC - [2011-12-26 21:06:50 | 001,451,928 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
    PRC - [2011-12-26 21:04:20 | 002,090,016 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
    PRC - [2011-12-26 21:03:39 | 000,064,048 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe
    PRC - [2011-12-26 21:01:49 | 000,043,936 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
    PRC - [2011-11-11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
    PRC - [2011-11-11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    PRC - [2011-08-12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
    PRC - [2011-02-25 11:00:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2010-11-20 17:47:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2010-03-16 02:58:36 | 000,718,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
    PRC - [2008-11-10 02:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012-03-09 13:15:40 | 000,894,464 | ---- | M] () -- C:\Program Files\Chameleon Folder 2\cf.dll
    MOD - [2011-12-26 21:05:09 | 000,185,040 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2011\framework.dll
    MOD - [2011-12-26 21:03:12 | 000,189,184 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2011\txmlutil.dll
    MOD - [2011-12-26 21:02:38 | 000,109,344 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2011\connector.dll
    MOD - [2011-11-11 14:09:20 | 000,336,408 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
    MOD - [2011-11-11 14:08:18 | 007,956,504 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
    MOD - [2011-11-11 14:08:18 | 000,342,552 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
    MOD - [2011-11-11 14:08:18 | 000,128,536 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
    MOD - [2011-11-11 14:08:18 | 000,029,208 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
    MOD - [2011-11-11 14:08:06 | 002,145,304 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
    MOD - [2011-11-11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    MOD - [2011-08-12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
    MOD - [2010-03-24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    MOD - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
    MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll


    ========== Services (SafeList) ==========

    SRV - [2012-09-17 21:32:18 | 000,394,920 | ---- | M] (JRiver, Inc.) [On_Demand | Stopped] -- C:\Program Files\J River\Media Center 17\JRService.exe -- (Media Center 17 Service)
    SRV - [2012-09-10 19:05:26 | 000,446,664 | ---- | M] () [Auto | Running] -- C:\Program Files\Comodo\IceDragon\icedragon_updater.exe -- (IceDragonUpdater)
    SRV - [2012-09-08 12:38:57 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012-08-31 19:32:03 | 002,754,984 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
    SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
    SRV - [2012-07-30 10:48:16 | 001,518,504 | ---- | M] () [Auto | Running] -- C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe -- (AHDDC2)
    SRV - [2012-07-28 02:21:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2012-06-27 17:21:31 | 003,081,220 | ---- | M] (NCH Software) [On_Demand | Stopped] -- C:\Program Files\NCH Software\ExpressAccounts\expressaccounts.exe -- (ExpressAccountsService)
    SRV - [2012-06-07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2012-05-15 15:56:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
    SRV - [2012-05-15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
    SRV - [2012-04-23 16:16:08 | 000,484,304 | ---- | M] (AltrixSoft (http://www.altrixsoft.com/)) [On_Demand | Stopped] -- C:\Program Files\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe -- (HDDSvc)
    SRV - [2012-03-28 23:47:48 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\nlssrv32.exe -- (nlsX86cc)
    SRV - [2012-03-05 16:13:04 | 000,845,640 | ---- | M] (BinarySense, Inc.) [Auto | Running] -- C:\Program Files\Common Files\BinarySense\hldasvc.exe -- (HDDlife HDD Access service)
    SRV - [2012-02-16 13:49:28 | 002,310,544 | ---- | M] (WIBU-SYSTEMS AG) [Auto | Running] -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe)
    SRV - [2012-01-23 22:21:20 | 000,249,856 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\GSService.exe -- (GSService)
    SRV - [2011-12-26 21:04:20 | 002,090,016 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe -- (VSSERV)
    SRV - [2011-12-26 21:01:49 | 000,043,936 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe -- (Updatesrv)
    SRV - [2010-11-30 07:19:06 | 000,307,544 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
    SRV - [2010-07-23 12:24:48 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
    SRV - [2010-06-25 22:37:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
    SRV - [2010-03-25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
    SRV - [2009-08-24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo HDD Control 2\DfSdkS.exe -- (DfSdkS)
    SRV - [2009-07-14 06:46:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
    SRV - [2009-07-14 06:46:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009-07-14 06:46:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
    SRV - [2009-07-14 06:45:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2008-11-10 02:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nbdrv.sys -- (Nbdrv)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Vicky\AppData\Local\Temp\catchme.sys -- (catchme)
    DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aicqys6h)
    DRV - [2012-08-07 16:06:00 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn)
    DRV - [2012-06-24 14:38:10 | 000,158,144 | ---- | M] (Romex Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\fancyrd.sys -- (FancyRd)
    DRV - [2012-05-24 16:34:59 | 000,039,016 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
    DRV - [2012-05-24 16:34:53 | 000,031,848 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rrnetcap.sys -- (RRNetCapMP)
    DRV - [2012-05-24 16:34:53 | 000,031,848 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rrnetcap.sys -- (RRNetCap)
    DRV - [2012-05-15 15:56:00 | 011,354,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
    DRV - [2012-04-29 13:48:14 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
    DRV - [2012-04-29 13:46:40 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
    DRV - [2012-04-18 22:38:04 | 000,148,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
    DRV - [2012-02-02 21:08:40 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
    DRV - [2012-01-18 12:14:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
    DRV - [2011-12-26 21:03:38 | 000,122,552 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys -- (bdselfpr)
    DRV - [2011-12-26 21:02:05 | 000,306,320 | ---- | M] (BitDefender S.R.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\trufos.sys -- (Trufos)
    DRV - [2011-12-08 05:22:36 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
    DRV - [2011-12-08 05:22:36 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
    DRV - [2011-12-08 05:22:36 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
    DRV - [2011-11-07 16:18:14 | 000,039,048 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ren2cap.sys -- (REN2CAP_DRIVER)
    DRV - [2011-08-31 14:38:08 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)
    DRV - [2011-08-31 14:38:08 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)
    DRV - [2011-08-31 14:38:08 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)
    DRV - [2011-08-31 14:38:08 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)
    DRV - [2011-08-31 14:38:08 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)
    DRV - [2011-07-15 23:43:12 | 000,135,680 | ---- | M] (Oracle Corporation) [Kernel | Auto | Running] -- C:\Program Files\YouWave_Android\vb\VBoxDrv.sys -- (VBoxDrv)
    DRV - [2011-06-23 12:13:04 | 001,068,216 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\wcmvcam.sys -- (WCMVCAM)
    DRV - [2011-05-06 23:29:32 | 000,024,848 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lmvac.sys -- (LTXMD_VAC)
    DRV - [2011-03-24 15:36:18 | 000,353,096 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\System32\drivers\bdfsfltr.sys -- (bdfsfltr)
    DRV - [2010-11-29 14:12:20 | 001,066,232 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\avckf.sys -- (avckf)
    DRV - [2010-11-29 14:12:14 | 000,535,824 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\avc3.sys -- (avc3)
    DRV - [2010-11-20 18:00:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
    DRV - [2010-11-20 18:00:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
    DRV - [2010-11-20 18:00:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
    DRV - [2010-11-20 15:54:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV - [2010-11-20 15:29:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2010-11-20 14:44:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
    DRV - [2010-11-20 14:44:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
    DRV - [2010-08-20 18:41:54 | 000,088,144 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys -- (bdfwfpf)
    DRV - [2010-08-20 15:41:58 | 000,072,784 | ---- | M] (BitDefender) [Kernel | System | Running] -- c:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfndisf6.sys -- (Bdfndisf)
    DRV - [2010-06-25 22:37:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
    DRV - [2010-05-13 16:52:04 | 000,152,528 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bdfm.sys -- (bdfm)
    DRV - [2010-01-29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
    DRV - [2009-12-30 11:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
    DRV - [2009-07-14 05:15:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://in.yahoo.com/?fr=fp-spt_gen
    IE - HKLM\..\URLSearchHook: {3d175337-41e3-48eb-a754-493577f658b9} - No CLSID value found
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.in/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CC ED 73 4E 17 BB CC 01 [binary data]
    IE - HKCU\..\SearchScopes,DefaultScope = {95853F18-90B6-4472-A2AD-3BFAF5F5A51F}
    IE - HKCU\..\SearchScopes\{48444E1A-FD18-45C6-92C1-3A8819B65AE0}: "URL" = http://in.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
    IE - HKCU\..\SearchScopes\{95853F18-90B6-4472-A2AD-3BFAF5F5A51F}: "URL" = http://www.google.com/search?q={sea...rce}&ie={inputEncoding?}&oe={outputEncoding?}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Custom search"
    FF - prefs.js..browser.search.defaulturl: ""
    FF - prefs.js..browser.search.selectedEngine: "Custom search"
    FF - prefs.js..browser.startup.homepage: "http://apype.com"
    FF - prefs.js..extensions.enabledAddons: optimizegoogle@optimizegoogle.com:0.79.1
    FF - prefs.js..extensions.enabledAddons: trafficlight@bitdefender.com:0.1.28
    FF - prefs.js..extensions.enabledAddons: youtubeunblocker@unblocker.yt:0.2.0
    FF - prefs.js..extensions.enabledAddons: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.15.1
    FF - prefs.js..extensions.enabledAddons: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.10
    FF - prefs.js..extensions.enabledAddons: {dc572301-7619-498c-a57d-39143191b318}:0.4.0.3
    FF - prefs.js..extensions.enabledAddons: FFToolbar@bitdefender.com:8.0
    FF - prefs.js..extensions.enabledAddons: {B5F5E8D3-AE31-49A1-AC42-78B7B1CC5CDC}:0.3.7.2
    FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15
    FF - prefs.js..extensions.enabledAddons: {FF2FA6A4-B3B1-11DD-B910-6C9A55D89593}:0.44
    FF - prefs.js..extensions.enabledAddons: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1.1
    FF - prefs.js..extensions.enabledAddons: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.7.9.1
    FF - prefs.js..keyword.URL: "http://apype.com/results.php?q="
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Vicky\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF - HKCU\Software\MozillaPlugins\@us-w1.rockmelt.com/RockMelt Update;version=8: C:\Users\Vicky\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll File not found

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\ [2012-06-08 00:37:26 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-07-13 17:48:17 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-09-08 12:38:57 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-09-08 12:38:55 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-06-14 01:11:47 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdtbext\ [2012-06-08 00:37:26 | 000,000,000 | ---D | M]

    [2011-12-24 23:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Extensions
    [2012-09-23 15:16:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions
    [2012-04-25 19:19:57 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
    [2012-09-16 21:10:41 | 000,000,000 | ---D | M] (Bazzacuda Image Saver Plus) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{FF2FA6A4-B3B1-11DD-B910-6C9A55D89593}
    [2012-08-24 18:48:32 | 000,024,018 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\customization@adblockplus.org.xpi
    [2012-09-13 11:42:12 | 000,067,038 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\fbp@fbpurity.com.xpi
    [2012-09-13 11:42:09 | 000,162,292 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\fbsidebardisabler@vittgam.net.xpi
    [2011-11-12 20:29:12 | 000,236,088 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\optimizegoogle@optimizegoogle.com.xpi
    [2012-02-10 18:52:01 | 000,792,865 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\trafficlight@bitdefender.com.xpi
    [2012-07-11 11:44:22 | 000,004,404 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\youtubeunblocker@unblocker.yt.xpi
    [2012-09-18 12:31:27 | 000,506,361 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
    [2011-08-12 07:58:54 | 000,021,093 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
    [2011-07-26 05:40:30 | 000,097,169 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
    [2012-09-11 12:23:53 | 000,021,014 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{B5F5E8D3-AE31-49A1-AC42-78B7B1CC5CDC}.xpi
    [2012-07-27 07:18:36 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2011-10-30 01:44:28 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
    [2012-07-21 22:46:07 | 000,702,524 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
    [2012-09-16 22:47:17 | 000,016,192 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}.xpi
    [2012-09-13 16:03:12 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
    [2012-09-08 12:38:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2012-09-08 12:38:54 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    [2012-09-08 12:38:54 | 000,000,000 | ---D | M] (TextAloud 3 Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{99a0337c-6303-4879-b72e-500fd9aaca8c}
    [2012-06-08 00:37:26 | 000,000,000 | ---D | M] ("BitDefender Antiphishing Toolbar") -- C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2011\BDAPHFFEXT
    [2012-09-08 12:38:57 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2009-07-31 13:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll
    [2012-07-13 17:47:55 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
    [2012-08-29 00:22:58 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2012-07-12 14:14:41 | 000,005,137 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\ergative.xml
    [2012-08-29 00:22:58 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
    [2010-12-09 02:51:24 | 000,002,224 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\webblog.xml

    O1 HOSTS File: ([2012-09-20 10:59:51 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (CmjBrowserHelperObject Object) - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O3 - HKLM\..\Toolbar: (Bitdefender Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\ietoolbar.dll (BitDefender S.R.L.)
    O3 - HKLM\..\Toolbar: (no name) - {3d175337-41e3-48eb-a754-493577f658b9} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
    O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe (BitDefender S.R.L.)
    O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
    O4 - HKCU..\Run: [Chameleon Folder] C:\Program Files\Chameleon Folder 2\chfolder.exe (NeoSoft Tools)
    O4 - HKCU..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
    O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
    O4 - Startup: C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mouse Button Control.lnk = C:\Program Files\ElectraSoft\mbc\MBC.EXE (ElectraSoft)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Add to Link Commander collection - Reg Error: Value error. File not found
    O8 - Extra context menu item: Download with Mipony - C:\Program Files\MiPony\Browser\IEContext.htm ()
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O8 - Extra context menu item: Send Image To MindManager - E:\Vicky\Installed\Mindjet MindManager\Mm8InternetExplorer.dll (Mindjet)
    O8 - Extra context menu item: Send Link To MindManager - E:\Vicky\Installed\Mindjet MindManager\Mm8InternetExplorer.dll (Mindjet)
    O8 - Extra context menu item: Send Page To MindManager - E:\Vicky\Installed\Mindjet MindManager\Mm8InternetExplorer.dll (Mindjet)
    O8 - Extra context menu item: Send Text To MindManager - E:\Vicky\Installed\Mindjet MindManager\Mm8InternetExplorer.dll (Mindjet)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Send to Mindjet MindManager - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{05C55753-A390-4370-BD93-BBB2EAB7A44D}: NameServer = 8.26.56.26,156.154.70.22
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009-06-11 03:12:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========
  5. vicky279 Newcomer, in training Posts: 51

    [2012-09-24 00:59:50 | 000,601,600 | ---- | C] (OldTimer Tools) -- C:\Users\Vicky\Desktop\OTL.exe
    [2012-09-23 15:15:59 | 000,000,000 | ---D | C] -- C:\_OTL
    [2012-09-21 00:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
    [2012-09-20 11:04:43 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2012-09-20 10:59:55 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2012-09-20 10:58:11 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\temp
    [2012-09-19 23:40:16 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2012-09-19 23:40:16 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2012-09-19 23:40:16 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2012-09-19 23:39:33 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012-09-19 23:38:51 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
    [2012-09-18 22:21:26 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\PC Tools
    [2012-09-18 20:03:02 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\Threat Expert
    [2012-09-18 13:21:02 | 002,267,096 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll0947.old
    [2012-09-18 13:21:02 | 000,149,464 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll0947.old
    [2012-09-18 13:20:00 | 000,017,880 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctBTFix.sys
    [2012-09-18 13:19:46 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
    [2012-09-18 12:45:46 | 000,203,120 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys
    [2012-09-18 12:45:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
    [2012-09-18 12:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
    [2012-09-18 12:44:23 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\TestApp
    [2012-09-18 11:13:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mindjet
    [2012-09-17 23:28:50 | 000,025,088 | ---- | C] (TeamViewer GmbH) -- C:\Windows\System32\drivers\teamviewervpn.sys
    [2012-09-17 23:28:50 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
    [2012-09-17 23:27:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
    [2012-09-17 23:25:49 | 000,000,000 | ---D | C] -- C:\Users\Vicky\Documents\Calibre Library
    [2012-09-17 23:25:44 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\calibre
    [2012-09-17 23:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\Calibre2
    [2012-09-17 23:25:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
    [2012-09-17 23:23:17 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 5
    [2012-09-17 23:22:54 | 000,000,000 | ---D | C] -- C:\Program Files\FrostWire 5
    [2012-09-17 23:13:26 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\Usmania_Code
    [2012-09-17 23:13:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Usmania Code
    [2012-09-17 23:13:03 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Usmania Code
    [2012-09-17 23:13:03 | 000,000,000 | ---D | C] -- C:\Program Files\Usmania Code
    [2012-09-17 23:13:02 | 000,000,000 | R--D | C] -- C:\AHCache
    [2012-09-17 23:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Throttle
    [2012-09-17 23:12:09 | 000,000,000 | ---D | C] -- C:\Program Files\Throttle
    [2012-09-17 22:56:53 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\SurfAnonymousFree
    [2012-09-17 22:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\SurfAnonymousFree
    [2012-09-17 22:55:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CalcTape
    [2012-09-17 22:55:53 | 000,000,000 | ---D | C] -- C:\Program Files\CalcTape
    [2012-09-17 22:53:00 | 000,000,000 | ---D | C] -- C:\Users\Vicky\Documents\SMP Data
    [2012-09-17 22:52:50 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\DeskShare
    [2012-09-17 22:52:35 | 000,000,000 | ---D | C] -- C:\ProgramData\firebird
    [2012-09-17 22:52:34 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\DeskShare Data
    [2012-09-17 22:52:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Deskshare
    [2012-09-17 22:52:26 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\Spoon
    [2012-09-17 22:52:23 | 000,000,000 | ---D | C] -- C:\Program Files\Deskshare
    [2012-09-17 22:49:07 | 001,791,920 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.Controls.v13.1.0.ocx
    [2012-09-17 22:49:07 | 001,226,672 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.ReportControl.v13.1.0.ocx
    [2012-09-17 22:49:07 | 000,538,544 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.SkinFramework.Unicode.v12.0.2.ocx
    [2012-09-17 22:49:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reminder Commander
    [2012-09-17 22:49:06 | 002,320,304 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.CommandBars.v13.1.0.ocx
    [2012-09-17 22:49:05 | 000,000,000 | ---D | C] -- C:\Program Files\Reminder Commander
    [2012-09-17 22:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Primo Ramdisk Ultimate Edition
    [2012-09-17 22:47:53 | 000,158,144 | ---- | C] (Romex Software) -- C:\Windows\System32\drivers\fancyrd.sys
    [2012-09-17 22:47:53 | 000,019,392 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\rxbsknl.sys
    [2012-09-17 22:47:52 | 000,000,000 | ---D | C] -- C:\Program Files\Primo Ramdisk Ultimate Edition
    [2012-09-17 22:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Photo Stamp Remover
    [2012-09-17 22:41:20 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mouse Button Control
    [2012-09-17 22:41:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse Button Control
    [2012-09-17 22:40:59 | 000,000,000 | ---D | C] -- C:\mbc
    [2012-09-17 22:39:21 | 000,000,000 | ---D | C] -- C:\Users\Vicky\Documents\RobotSoft
    [2012-09-17 22:39:21 | 000,000,000 | ---D | C] -- C:\Program Files\RobotSoft
    [2012-09-17 22:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse and Keyboard Recorder
    [2012-09-17 22:38:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mirabyte Feed Writer
    [2012-09-17 22:38:31 | 000,000,000 | ---D | C] -- C:\Program Files\mirabyte
    [2012-09-17 22:37:05 | 000,005,632 | ---- | C] (Tracker Software) -- C:\Windows\System32\pxc25pm.dll
    [2012-09-17 22:37:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange 3
    [2012-09-17 22:36:53 | 000,000,000 | ---D | C] -- C:\Users\Vicky\Documents\My Maps
    [2012-09-17 22:36:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mindjet MindManager 2012
    [2012-09-17 22:36:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Mindjet
    [2012-09-17 22:35:28 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\{9D53112B-37A1-4DBB-8E9C-CDC5FFF46604}
    [2012-09-17 22:32:45 | 000,000,000 | ---D | C] -- C:\Users\Vicky\Documents\Maxprog
    [2012-09-17 22:32:45 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Maxprog
    [2012-09-17 22:32:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMail Extractor
    [2012-09-17 22:32:35 | 000,000,000 | ---D | C] -- C:\Program Files\eMail Extractor
    [2012-09-17 22:31:18 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\CommonDataMSI
    [2012-09-17 22:31:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LineReader
    [2012-09-17 22:31:14 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Iconico
    [2012-09-17 22:31:13 | 000,000,000 | ---D | C] -- C:\Program Files\LineReader
    [2012-09-17 22:30:24 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\MyPhoneExplorer
    [2012-09-17 22:30:18 | 000,000,000 | ---D | C] -- C:\Program Files\MyPhoneExplorer
    [2012-09-17 22:27:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sketchpad
    [2012-09-17 22:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\GtkSharp
    [2012-09-17 22:22:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kepard
    [2012-09-17 22:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\Kepard
    [2012-09-17 22:20:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChordWizard Music Theory 3.0
    [2012-09-17 22:20:53 | 000,000,000 | ---D | C] -- C:\Program Files\ChordWizard
    [2012-09-17 21:31:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JRiver Media Center 17
    [2012-09-17 21:30:00 | 000,381,608 | ---- | C] (JRiver, Inc.) -- C:\Windows\System32\MC17.exe
    [2012-09-17 21:29:59 | 000,585,728 | ---- | C] (Audible Inc.) -- C:\Windows\System32\AReadyLB.dll
    [2012-09-17 21:29:59 | 000,229,376 | ---- | C] (Audible Inc.) -- C:\Windows\System32\AudDevicePlugin.dll
    [2012-09-17 21:29:58 | 000,000,000 | ---D | C] -- C:\Program Files\J River
    [2012-09-17 21:29:41 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\J River
    [2012-09-17 21:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Halotea
    [2012-09-17 21:25:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Mirolit
    [2012-09-17 21:25:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mirolit
    [2012-09-17 21:23:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geometry Expressions v3.0
    [2012-09-17 21:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\Geometry Expressions v3.0
    [2012-09-17 21:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gammadyne
    [2012-09-17 21:21:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System-G
    [2012-09-17 21:21:00 | 000,000,000 | ---D | C] -- C:\Program Files\Gammadyne Mailer
    [2012-09-17 21:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ThunderSoft
    [2012-09-17 21:19:52 | 000,000,000 | ---D | C] -- C:\Program Files\ThunderSoft
    [2012-09-17 21:17:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DreamCalc DC4P
    [2012-09-17 21:17:49 | 000,000,000 | ---D | C] -- C:\Program Files\DreamCalc DC4P
    [2012-09-17 21:16:34 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\DiskSpaceFan
    [2012-09-17 21:16:29 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Space Fan 4
    [2012-09-17 21:16:29 | 000,000,000 | ---D | C] -- C:\Program Files\Cookapp
    [2012-09-17 21:14:59 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Direct Folders
    [2012-09-17 21:14:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Direct Folders
    [2012-09-17 21:14:32 | 000,000,000 | ---D | C] -- C:\Program Files\Direct Folders
    [2012-09-17 21:11:28 | 000,000,000 | ---D | C] -- C:\Users\Vicky\Documents\Anthemion Writer's Café 2.32
    [2012-09-17 21:07:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitTorrent Ultra Accelerator
    [2012-09-17 21:07:15 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrent Ultra Accelerator
    [2012-09-17 21:05:33 | 000,000,000 | ---D | C] -- C:\Program Files\Tint Guide
    [2012-09-17 21:05:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beauty Guide
    [2012-09-17 21:05:32 | 000,000,000 | ---D | C] -- C:\Program Files\Beauty Guide
    [2012-09-17 21:01:08 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Scooter Software
    [2012-09-17 21:01:03 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beyond Compare 3
    [2012-09-17 21:01:01 | 000,000,000 | ---D | C] -- C:\Program Files\Beyond Compare 3
    [2012-09-17 20:51:53 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo
    [2012-09-17 20:51:49 | 000,028,160 | ---- | C] (mst software GmbH, Germany) -- C:\Windows\System32\DfSdkBt.exe
    [2012-09-17 20:51:44 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
    [2012-09-17 20:49:04 | 000,000,000 | ---D | C] -- C:\Users\Vicky\Documents\Writer's Cafe Documents
    [2012-09-17 20:49:04 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Writer's Cafe 2
    [2012-09-17 20:48:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anthemion Writer's Café 2.32
    [2012-09-17 20:48:14 | 000,000,000 | ---D | C] -- C:\Program Files\Writer's Cafe 2
    [2012-09-17 20:46:55 | 000,000,000 | ---D | C] -- C:\Program Files\Acmework
    [2012-09-15 02:29:43 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\dvdcss
    [2012-09-13 17:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office 2010 Trial Extender
    [2012-09-13 17:32:30 | 000,000,000 | ---D | C] -- C:\Program Files\Office 2010 Trial Extender
    [2012-09-08 12:38:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2012-09-05 04:29:25 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\Apple Computer
    [2012-09-03 13:43:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
    [2012-09-03 13:43:46 | 000,000,000 | ---D | C] -- C:\Program Files\RocketDock
    [2012-09-02 11:51:39 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Rovio
    [2012-09-02 11:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio
    [2012-08-30 13:16:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ProcessLasso
    [2012-08-30 13:16:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso
    [2012-08-30 13:15:47 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\ProcessLasso
    [2012-08-30 13:15:46 | 000,000,000 | ---D | C] -- C:\Program Files\Process Lasso
    [2012-08-30 12:35:19 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Wise Disk Cleaner
    [2012-08-30 12:32:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Research
    [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
    [1 C:\Users\Vicky\Documents\*.tmp files -> C:\Users\Vicky\Documents\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012-09-24 00:59:52 | 000,601,600 | ---- | M] (OldTimer Tools) -- C:\Users\Vicky\Desktop\OTL.exe
    [2012-09-24 00:24:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-499340394-4099650204-2415665824-1000UA.job
    [2012-09-23 20:13:36 | 000,017,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012-09-23 20:13:36 | 000,017,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012-09-23 20:06:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012-09-23 20:05:57 | 2415,370,240 | -HS- | M] () -- C:\hiberfil.sys
    [2012-09-23 15:01:09 | 000,000,264 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
    [2012-09-23 10:24:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-499340394-4099650204-2415665824-1000Core.job
    [2012-09-20 10:59:51 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2012-09-19 22:18:18 | 000,215,597 | ---- | M] () -- C:\Users\Vicky\Desktop\bookmarks-2012-09-19.json
    [2012-09-19 20:26:14 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
    [2012-09-18 22:20:42 | 001,318,816 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
    [2012-09-18 18:07:04 | 000,000,034 | ---- | M] () -- C:\Program Files\Mozilla Firefoxoverride.ini
    [2012-09-18 01:56:47 | 000,449,328 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2012-09-18 01:56:14 | 000,000,048 | -HS- | M] () -- C:\Windows\rmtf32-k289371-all.dat
    [2012-09-17 23:23:17 | 000,001,211 | ---- | M] () -- C:\Users\Vicky\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.3.9.lnk
    [2012-09-17 23:21:47 | 000,000,007 | ---- | M] () -- C:\Users\Vicky\AppData\Local\~wmrg
    [2012-09-17 22:42:17 | 000,001,841 | ---- | M] () -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mouse Button Control.lnk
    [2012-09-17 22:36:42 | 000,002,902 | ---- | M] () -- C:\Users\Vicky\Application Data\Microsoft\Internet Explorer\Quick Launch\Mindjet MindManager 2012.lnk
    [2012-09-17 22:33:07 | 000,000,049 | -H-- | M] () -- C:\Users\Vicky\AppData\Roaming\eMail Extractor registration.ini
    [2012-09-17 22:28:11 | 000,001,536 | ---- | M] () -- C:\Users\Vicky\AppData\Roaming\Sketchpad 5 Preferences.dat
    [2012-09-17 22:22:16 | 000,001,821 | ---- | M] () -- C:\Users\Vicky\Application Data\Microsoft\Internet Explorer\Quick Launch\Kepard.lnk
    [2012-09-17 21:19:25 | 000,001,775 | ---- | M] () -- C:\Users\Vicky\AppData\Roaming\DreamCalc DC4P.dat
    [2012-09-17 21:07:15 | 000,001,229 | ---- | M] () -- C:\Users\Vicky\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent Ultra Accelerator.lnk
    [2012-09-14 22:11:24 | 000,663,522 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2012-09-14 22:11:24 | 000,121,860 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2012-09-14 16:45:25 | 000,000,000 | ---- | M] () -- C:\Windows\System32\dvdtest10024.dat
    [2012-09-05 16:40:12 | 000,046,690 | ---- | M] () -- C:\Windows\System32\YuoTubeDownloader.xpi
    [2012-08-30 13:11:20 | 000,002,256 | ---- | M] () -- C:\Windows\System32\ASOROSet.bin
    [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
    [1 C:\Users\Vicky\Documents\*.tmp files -> C:\Users\Vicky\Documents\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012-09-19 23:40:16 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2012-09-19 23:40:16 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2012-09-19 23:40:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2012-09-19 23:40:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2012-09-19 23:40:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2012-09-19 22:18:16 | 000,215,597 | ---- | C] () -- C:\Users\Vicky\Desktop\bookmarks-2012-09-19.json
    [2012-09-18 13:21:03 | 000,767,960 | ---- | C] () -- C:\Windows\BDTSupport.dll0947.old
    [2012-09-18 12:45:54 | 001,318,816 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
    [2012-09-18 01:56:14 | 000,000,048 | -HS- | C] () -- C:\Windows\rmtf32-k289371-all.dat
    [2012-09-17 23:29:00 | 000,001,132 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
    [2012-09-17 23:23:17 | 000,001,211 | ---- | C] () -- C:\Users\Vicky\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.3.9.lnk
    [2012-09-17 23:20:47 | 000,000,007 | ---- | C] () -- C:\Users\Vicky\AppData\Local\~wmrg
    [2012-09-17 22:44:11 | 000,000,034 | ---- | C] () -- C:\Program Files\Mozilla Firefoxoverride.ini
    [2012-09-17 22:41:19 | 000,001,841 | ---- | C] () -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mouse Button Control.lnk
    [2012-09-17 22:36:42 | 000,002,902 | ---- | C] () -- C:\Users\Vicky\Application Data\Microsoft\Internet Explorer\Quick Launch\Mindjet MindManager 2012.lnk
    [2012-09-17 22:33:07 | 000,000,049 | -H-- | C] () -- C:\Users\Vicky\AppData\Roaming\eMail Extractor registration.ini
    [2012-09-17 22:28:11 | 000,001,536 | ---- | C] () -- C:\Users\Vicky\AppData\Roaming\Sketchpad 5 Preferences.dat
    [2012-09-17 22:22:16 | 000,001,821 | ---- | C] () -- C:\Users\Vicky\Application Data\Microsoft\Internet Explorer\Quick Launch\Kepard.lnk
    [2012-09-17 21:29:59 | 000,183,129 | ---- | C] () -- C:\Windows\System32\AM Install1.INF
    [2012-09-17 21:19:12 | 000,001,775 | ---- | C] () -- C:\Users\Vicky\AppData\Roaming\DreamCalc DC4P.dat
    [2012-09-17 21:07:15 | 000,001,229 | ---- | C] () -- C:\Users\Vicky\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent Ultra Accelerator.lnk
    [2012-09-17 20:46:56 | 000,003,019 | ---- | C] () -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cropping Tool.lnk
    [2012-09-17 20:46:56 | 000,003,019 | ---- | C] () -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acme ID Card Maker 5.0.lnk
    [2012-09-05 16:40:12 | 000,046,690 | ---- | C] () -- C:\Windows\System32\YuoTubeDownloader.xpi
    [2012-07-20 12:07:48 | 000,034,308 | ---- | C] () -- C:\Windows\System32\LB603.dll
    [2012-07-20 12:06:58 | 000,157,696 | ---- | C] () -- C:\Windows\System32\asxtract.dll
    [2012-07-14 13:04:19 | 000,393,256 | ---- | C] () -- C:\Windows\System32\CNQ2414N.DAT
    [2012-07-12 15:18:58 | 000,000,046 | ---- | C] () -- C:\Windows\System32\DonationCoder_desktopcoral_InstallInfo.dat
    [2012-07-12 15:18:58 | 000,000,046 | ---- | C] () -- C:\Users\Vicky\AppData\Local\DonationCoder_desktopcoral_InstallInfo.dat
    [2012-07-04 14:56:36 | 000,000,218 | ---- | C] () -- C:\Users\Vicky\AppData\Local\recently-used.xbel
    [2012-06-14 12:32:14 | 002,621,723 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
    [2012-06-09 06:52:40 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
    [2012-06-08 10:50:34 | 000,000,103 | ---- | C] () -- C:\Windows\System32\_system.ini
    [2012-06-08 09:57:00 | 000,107,008 | ---- | C] () -- C:\Windows\poetunin.exe
    [2012-06-08 09:56:22 | 000,077,824 | ---- | C] () -- C:\Windows\zipexe_r.exe
    [2012-05-25 23:06:49 | 000,454,656 | ---- | C] () -- C:\Windows\System32\PaintX.dll
    [2012-05-15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
    [2012-05-13 19:55:04 | 000,002,075 | ---- | C] () -- C:\Users\Vicky\AppData\Roaming\SAS7_000.DAT
    [2012-04-21 09:24:19 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\qhwm.sys
    [2012-03-11 22:35:11 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
    [2012-03-11 22:35:11 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
    [2012-03-11 20:58:34 | 000,155,136 | ---- | C] () -- C:\Windows\System32\AI_ContextMenu.dll
    [2012-03-06 00:31:32 | 000,000,001 | ---- | C] () -- C:\ProgramData\RandWTTime.dat
    [2012-03-05 23:45:17 | 000,000,026 | -H-- | C] () -- C:\ProgramData\.6b14a35055fac291a0de744e5b9ee9ec.dat
    [2012-03-05 23:34:25 | 000,036,864 | ---- | C] () -- C:\Windows\System32\pdf995mon.dll
    [2012-03-05 23:34:25 | 000,000,160 | ---- | C] () -- C:\Windows\wpd99.drv
    [2012-03-03 15:58:36 | 000,000,120 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
    [2012-03-02 20:44:59 | 000,005,002 | ---- | C] () -- C:\ProgramData\mxnhytee.feu
    [2012-03-01 23:13:56 | 000,000,100 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
    [2012-03-01 02:33:09 | 000,000,041 | ---- | C] () -- C:\Users\Vicky\ziprecovery.ini
    [2012-03-01 02:32:20 | 000,000,041 | ---- | C] () -- C:\Users\Vicky\rarrecovery.ini
    [2012-03-01 02:17:54 | 000,000,990 | ---- | C] () -- C:\Windows\System32\dcimam45.sys
    [2012-02-29 23:52:21 | 000,006,852 | ---- | C] () -- C:\Windows\System32\drivers\Vcs.sys
    [2012-01-26 01:26:55 | 000,249,856 | ---- | C] () -- C:\Windows\System32\GSService.exe
    [2012-01-25 23:30:15 | 000,039,048 | ---- | C] () -- C:\Windows\System32\drivers\ren2cap.sys
    [2012-01-21 19:41:06 | 000,248,832 | ---- | C] () -- C:\Users\Vicky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012-01-21 19:39:24 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
    [2012-01-21 19:14:27 | 001,053,056 | ---- | C] () -- C:\Windows\System32\drivers\V2WCDRV.sys
    [2012-01-18 04:07:07 | 000,002,256 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin
    [2012-01-01 23:16:36 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
    [2012-01-01 23:16:36 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
    [2012-01-01 23:16:36 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
    [2012-01-01 23:16:36 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
    [2012-01-01 23:16:36 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
    [2012-01-01 23:16:36 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
    [2012-01-01 23:16:36 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
    [2012-01-01 23:16:36 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
    [2012-01-01 23:16:36 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
    [2012-01-01 23:16:36 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
    [2012-01-01 23:16:36 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
    [2012-01-01 23:16:36 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
    [2012-01-01 23:16:36 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
    [2012-01-01 23:16:36 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
    [2012-01-01 23:16:36 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
    [2012-01-01 23:16:36 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
    [2012-01-01 23:16:36 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
    [2012-01-01 23:16:36 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
    [2012-01-01 23:16:36 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
    [2012-01-01 23:15:59 | 000,126,976 | ---- | C] () -- C:\Windows\System32\EEBAPI.dll
    [2012-01-01 23:15:59 | 000,094,208 | ---- | C] () -- C:\Windows\System32\EEBDSCVR.dll
    [2012-01-01 23:15:59 | 000,049,152 | ---- | C] () -- C:\Windows\System32\EBAPI.dll
    [2012-01-01 21:39:18 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini
    [2012-01-01 20:32:54 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
    [2012-01-01 19:44:44 | 000,794,906 | ---- | C] () -- C:\Windows\unins000.exe
    [2012-01-01 19:44:44 | 000,004,027 | ---- | C] () -- C:\Windows\unins000.dat
    [2012-01-01 19:13:08 | 000,000,000 | ---- | C] () -- C:\Windows\System32\dvdtest10024.dat
    [2011-12-29 01:44:43 | 000,000,058 | ---- | C] () -- C:\Windows\System32\DonationCoder_ScreenshotCaptor_InstallInfo.dat
    [2011-12-29 01:44:43 | 000,000,058 | ---- | C] () -- C:\Users\Vicky\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
    [2011-12-27 18:45:44 | 000,002,033 | ---- | C] () -- C:\ProgramData\search_result.xml
    [2011-12-26 21:25:06 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
    [2011-12-26 20:36:14 | 000,655,512 | ---- | C] () -- C:\ProgramData\bdinstall.bin
    [2011-12-26 20:04:11 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
    [2011-12-26 19:19:13 | 000,029,462 | ---- | C] () -- C:\Windows\System32\netaf932.dll
    [2011-11-17 07:10:38 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
    [2011-10-09 02:52:38 | 000,315,392 | ---- | C] ( ) -- C:\Windows\System32\sbcrreag.dll
    [2011-08-12 12:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
    [2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
    [2011-01-21 12:30:06 | 000,311,296 | ---- | C] () -- C:\Windows\System32\EmRegSys.dll
    [2010-07-08 10:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe

    ========== ZeroAccess Check ==========

    [2009-07-14 10:12:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2011-08-30 09:51:25 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 06:46:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2012-02-03 23:34:44 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\5imyshow.Ltd
    [2012-06-14 17:32:34 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Acapela Group
    [2012-04-11 03:07:52 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\AdultAdvantage
    [2012-03-11 20:59:58 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Aimersoft Video Converter Ultimate
    [2012-05-25 22:30:39 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\AnvSoft
    [2012-01-30 18:00:00 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Apowersoft
    [2012-05-25 22:35:58 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\BinarySense
    [2011-12-26 20:49:35 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\BitDefender
    [2012-01-21 06:27:18 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\cald3
    [2012-09-17 23:26:33 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\calibre
    [2012-01-23 02:16:57 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Canneverbe_Limited
    [2012-07-14 13:19:27 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Canon
    [2012-06-27 20:06:13 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\CLiPW
    [2012-06-28 17:06:49 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\CocotronLibrary
    [2012-05-08 17:53:52 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\ComfortSoftware
    [2012-09-17 22:31:55 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\CommonDataMSI
    [2012-05-08 17:56:27 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\concept design
    [2012-04-29 15:49:43 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\DAEMON Tools Pro
    [2012-07-04 14:56:32 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\deluge
    [2012-06-08 12:02:14 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Design Science
    [2012-03-01 17:01:25 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\DeskSoft
    [2012-09-17 21:15:45 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Direct Folders
    [2012-09-17 21:16:37 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\DiskSpaceFan
    [2011-12-29 01:44:43 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\DonationCoder
    [2011-12-29 01:52:05 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\DuckLink
    [2012-01-01 19:13:10 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\DVD-Cloner
    [2012-04-24 17:59:04 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\DVDVideoSoft
    [2012-01-01 19:38:37 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\DVDVideoSoftIEHelpers
    [2012-08-30 11:54:03 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Easy Macro Recorder
    [2012-05-08 18:04:40 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\EasyMP3Downloader
    [2012-06-07 20:41:28 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\FaceOffMax
    [2012-01-01 19:43:31 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\FreeArc
    [2012-06-30 23:31:58 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\gtk-2.0
    [2012-06-27 18:07:49 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Hard Disk Sentinel
    [2012-05-08 22:49:34 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\HideIPPrivacy
    [2012-09-17 22:31:14 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Iconico
    [2012-03-03 03:30:37 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\IGC
    [2012-04-12 14:41:58 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\ImgBurn
    [2012-03-02 15:01:56 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\IN-MEDIAKG
    [2012-06-27 17:07:43 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Informatik Scan
    [2012-03-01 23:12:04 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Intermedia Software
    [2012-09-17 21:29:41 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\J River
    [2012-05-08 23:37:54 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Jutoh
    [2012-07-13 20:04:55 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Leadertech
    [2012-08-20 12:04:43 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Mariner Software
    [2012-09-17 22:32:45 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Maxprog
    [2012-05-08 17:40:06 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\MechCAD
    [2012-05-25 23:29:17 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\med2
    [2012-09-16 21:58:51 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\MediaMonkey
    [2012-09-15 02:06:33 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\MiniLyrics
    [2012-07-13 17:52:11 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Mipony
    [2012-05-25 22:54:05 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\MOBILedit
    [2012-06-08 10:42:46 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Movienizer
    [2012-03-02 15:01:56 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\mresreg
    [2012-09-17 22:30:24 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\MyPhoneExplorer
    [2012-07-20 11:54:36 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Mythicsoft
    [2012-05-16 01:13:18 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Need for Speed World
    [2012-03-02 20:26:37 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Netscape
    [2012-05-13 19:36:21 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Nuance
    [2012-06-27 17:32:05 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\oald8
    [2012-03-02 17:17:09 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\ooVoo Details
    [2012-03-01 02:35:51 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\OtakuSoftware
    [2012-03-02 18:12:12 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\PearlMountain
    [2012-03-02 18:01:18 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\PearlMountain Image Resizer Pro
    [2012-07-17 16:44:10 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\PearlMountain Image Converter
    [2012-03-02 18:01:05 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\PearlMountain Image Resizer Pro
    [2012-03-02 18:16:10 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Pelikan Software KFT
    [2012-01-19 13:17:46 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\PersonalBrain
    [2012-03-02 20:25:32 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Photodex
    [2012-03-03 16:41:49 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Pixelplan
    [2012-08-30 13:17:33 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\ProcessLasso
    [2012-05-08 23:21:27 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\PunkBuster
    [2012-02-10 18:58:01 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\QuickScan
    [2012-06-08 11:45:25 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Rainmeter
    [2012-05-25 23:37:37 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\RapidTyping
    [2012-03-03 15:58:33 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Reasonable Software House Ltd
    [2012-06-27 17:12:26 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Resort Labs
    [2012-09-02 11:51:39 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Rovio
    [2012-09-17 21:01:08 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Scooter Software
    [2012-06-07 20:22:10 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\ScreenSteps
    [2012-06-08 11:15:52 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Softplicity
    [2012-05-09 00:13:50 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\SuperMP3Download
    [2012-06-27 16:02:46 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\SuperUtils.com
    [2012-09-17 23:06:40 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\SurfAnonymousFree
    [2012-08-30 12:27:16 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\SwordSearcher
    [2012-01-01 20:26:52 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Systweak
    [2012-07-20 00:14:28 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\TeraCopy
    [2012-09-18 12:44:23 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\TestApp
    [2012-05-25 23:07:33 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\The Complete Genealogy Builder
    [2012-05-25 23:36:30 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\The Complete Genealogy Reporter
    [2012-06-14 01:11:51 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Thunderbird
    [2012-03-03 00:02:46 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\UDC Profiles
    [2012-03-03 00:03:05 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\USBSafelyRemove
    [2012-09-23 18:50:05 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\uTorrent
    [2012-06-08 00:56:54 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\uTorrent Turbo Booster
    [2012-07-13 17:20:57 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Video2Webcam
    [2012-01-01 19:24:15 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\VitySoft
    [2012-02-22 20:08:24 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\WeatherWatcherLive
    [2012-06-29 04:24:54 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\WebcamMax
    [2012-08-30 12:36:38 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Wise Disk Cleaner
    [2012-05-25 23:36:36 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Wondershare
    [2012-09-17 20:49:58 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Writer's Cafe 2
    [2012-06-14 17:34:37 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Xtranormal
    [2012-03-01 01:02:56 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\YCanPDF

    ========== Purity Check ==========



    ========== Files - Unicode (All) ==========
    [2011-12-26 20:49:26 | 000,000,000 | ---- | M] ()(C:\Windows\System32\?????) -- C:\Windows\System32\獷楬汢捯污
    [2011-12-26 20:49:26 | 000,000,000 | ---- | C] ()(C:\Windows\System32\?????) -- C:\Windows\System32\獷楬汢捯污

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:55B41E6A

    < End of report >
  6. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Open OTL, copy and paste this into the Custom Scans/Fixes box and hit Run Fix:


    Post the fix log once done.
     
  7. vicky279 Newcomer, in training Posts: 51

    Changed homepage after scan to Google but it turned back to apype. I have Bitdefender Antiphishing toolbar and Bitdefender Trafficlight add-ons installed just so you know.
    ========== OTL ==========
    Prefs.js: "Custom search" removed from browser.search.defaultenginename
    Prefs.js: "" removed from browser.search.defaulturl
    Prefs.js: "Custom search" removed from browser.search.selectedEngine
    Prefs.js: "http://apype.com" removed from browser.startup.homepage
    Prefs.js: "http://apype.com/results.php?q=" removed from keyword.URL
    ADS C:\ProgramData\Temp:55B41E6A deleted successfully.

    OTL by OldTimer - Version 3.2.66.0 log created on 09242012_012757
  8. Jay Pfoutz Malware Helper Posts: 4,286   +49

    avast! aswMBR

    Please download aswMBR from here
    • Save aswMBR.exe to your Desktop
    • Double click aswMBR.exe to run it
    • Click the Scan button to start the scan as illustrated below
    [IMG]

    Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives.
    • Once the scan finishes click Save log to save the log to your Desktop
      [IMG]
    • Copy and paste the contents of aswMBR.txt back here for review
    • Please also find MBR.dat on your Desktop, and rename it to MBR.txt. Upload that as well.
  9. vicky279 Newcomer, in training Posts: 51

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-09-24 17:23:50
    -----------------------------
    17:23:50.610 OS Version: Windows 6.1.7601 Service Pack 1
    17:23:50.610 Number of processors: 2 586 0xF0D
    17:23:50.613 ComputerName: VICKY-PC UserName: Vicky
    17:23:52.084 Initialize success
    17:24:02.980 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
    17:24:02.982 Disk 0 Vendor: WDC_WD2500AAJS-07M0A0 01.03E01 Size: 238475MB BusType: 3
    17:24:02.989 Disk 0 MBR read successfully
    17:24:02.992 Disk 0 MBR scan
    17:24:02.994 Disk 0 Windows 7 default MBR code
    17:24:03.000 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    17:24:03.011 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 54902 MB offset 206848
    17:24:03.015 Disk 0 Partition - 00 0F Extended LBA 183468 MB offset 112647780
    17:24:03.032 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 91786 MB offset 112648192
    17:24:03.036 Disk 0 Partition - 00 05 Extended 91681 MB offset 300627905
    17:24:03.061 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 60051 MB offset 300627968
    17:24:03.066 Disk 0 Partition - 00 05 Extended 31629 MB offset 611594526
    17:24:03.090 Disk 0 Partition 5 00 07 HPFS/NTFS NTFS 31629 MB offset 423614464
    17:24:03.097 Disk 0 scanning sectors +488392065
    17:24:03.149 Disk 0 scanning C:\Windows\system32\drivers
    17:24:10.287 Service scanning
    17:24:25.547 Modules scanning
    17:24:34.118 Disk 0 trace - called modules:
    17:24:34.130 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8631f1e8]<<
    17:24:34.137 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x864df030]
    17:24:34.144 3 CLASSPNP.SYS[8c79359e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x8638f908]
    17:24:34.156 \Driver\atapi[0x86388680] -> IRP_MJ_CREATE -> 0x8631f1e8
    17:24:34.168 Scan finished successfully
    17:24:55.676 Disk 0 MBR has been saved successfully to "C:\Users\Vicky\Desktop\MBR.dat"
    17:24:55.684 The log file has been saved successfully to "C:\Users\Vicky\Desktop\aswMBR.txt"


  10. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Please run AdwCleaner again and post a log.
  11. vicky279 Newcomer, in training Posts: 51

    Didn't work.

    # AdwCleaner v2.003 - Logfile created 09/25/2012 at 16:31:06
    # Updated 23/09/2012 by Xplode
    # Operating system : Windows 7 Professional Service Pack 1 (32 bits)
    # User : Vicky - VICKY-PC
    # Boot Mode : Normal
    # Running from : C:\Users\Vicky\Desktop\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****


    ***** [Registry] *****


    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16421

    Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

    -\\ Mozilla Firefox v15.0.1 (en-US)

    Profile name : default
    File : C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\prefs.js

    [OK] File is clean.

    Profile name : default
    File : C:\Users\House\AppData\Roaming\Mozilla\Firefox\Profiles\asu9wrvh.default\prefs.js

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [3337 octets] - [19/09/2012 03:40:30]
    AdwCleaner[S1].txt - [3955 octets] - [19/09/2012 22:58:49]
    AdwCleaner[S2].txt - [1234 octets] - [21/09/2012 20:48:00]
    AdwCleaner[S3].txt - [1073 octets] - [25/09/2012 16:31:06]

    ########## EOF - C:\AdwCleaner[S3].txt - [1133 octets] ##########
  12. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Now, please open OTL, and press Run Scan. Post log(s).
  13. vicky279 Newcomer, in training Posts: 51

    OTL logfile created on: 26-Sep-12 2:30:50 PM - Run 3
    OTL by OldTimer - Version 3.2.66.0 Folder = C:\Users\Vicky\Desktop
    Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy

    3.00 Gb Total Physical Memory | 2.01 Gb Available Physical Memory | 67.12% Memory free
    5.99 Gb Paging File | 4.78 Gb Available in Paging File | 79.71% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 53.62 Gb Total Space | 9.76 Gb Free Space | 18.20% Space Free | Partition Type: NTFS
    Drive D: | 89.63 Gb Total Space | 10.71 Gb Free Space | 11.95% Space Free | Partition Type: NTFS
    Drive E: | 58.64 Gb Total Space | 0.51 Gb Free Space | 0.87% Space Free | Partition Type: NTFS
    Drive F: | 30.89 Gb Total Space | 0.13 Gb Free Space | 0.41% Space Free | Partition Type: NTFS

    Computer Name: VICKY-PC | User Name: Vicky | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012-09-24 00:59:52 | 000,601,600 | ---- | M] (OldTimer Tools) -- C:\Users\Vicky\Desktop\OTL.exe
    PRC - [2012-09-17 22:41:17 | 000,458,752 | ---- | M] (ElectraSoft) -- C:\Program Files\ElectraSoft\mbc\MBC.EXE
    PRC - [2012-09-10 19:05:26 | 000,446,664 | ---- | M] () -- C:\Program Files\Comodo\IceDragon\icedragon_updater.exe
    PRC - [2012-08-31 19:32:03 | 002,754,984 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
    PRC - [2012-08-22 20:24:50 | 000,369,544 | ---- | M] (Bitsum Technologies) -- C:\Program Files\Process Lasso\ProcessGovernor.exe
    PRC - [2012-08-22 20:24:48 | 000,677,256 | ---- | M] (Bitsum Technologies) -- C:\Program Files\Process Lasso\ProcessLasso.exe
    PRC - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    PRC - [2012-07-30 10:48:16 | 001,518,504 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
    PRC - [2012-07-28 02:21:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2012-05-15 15:56:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    PRC - [2012-05-15 14:57:34 | 000,857,920 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    PRC - [2012-05-15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    PRC - [2012-03-28 23:47:48 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\nlssrv32.exe
    PRC - [2012-03-09 16:58:08 | 002,906,112 | ---- | M] (NeoSoft Tools) -- C:\Program Files\Chameleon Folder 2\chfolder.exe
    PRC - [2012-03-05 16:13:04 | 000,845,640 | ---- | M] (BinarySense, Inc.) -- C:\Program Files\Common Files\BinarySense\hldasvc.exe
    PRC - [2012-02-16 13:49:28 | 002,310,544 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
    PRC - [2011-12-26 21:06:50 | 001,451,928 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
    PRC - [2011-12-26 21:04:20 | 002,090,016 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
    PRC - [2011-12-26 21:03:39 | 000,064,048 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe
    PRC - [2011-12-26 21:01:49 | 000,043,936 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
    PRC - [2011-11-11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
    PRC - [2011-11-11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    PRC - [2011-08-12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
    PRC - [2011-02-25 11:00:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2010-11-20 17:47:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2010-03-16 02:58:36 | 000,718,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
    PRC - [2008-11-10 02:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012-06-28 17:30:25 | 016,531,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\bcee5d59d5cc1be6caddd114461e60b6\mscorlib.ni.dll
    MOD - [2012-03-09 13:15:40 | 000,894,464 | ---- | M] () -- C:\Program Files\Chameleon Folder 2\cf.dll
    MOD - [2011-12-26 21:05:09 | 000,185,040 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2011\framework.dll
    MOD - [2011-12-26 21:03:12 | 000,189,184 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2011\txmlutil.dll
    MOD - [2011-12-26 21:02:38 | 000,109,344 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2011\connector.dll
    MOD - [2011-11-11 14:09:20 | 000,336,408 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
    MOD - [2011-11-11 14:08:18 | 007,956,504 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
    MOD - [2011-11-11 14:08:18 | 000,342,552 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
    MOD - [2011-11-11 14:08:18 | 000,128,536 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
    MOD - [2011-11-11 14:08:18 | 000,029,208 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
    MOD - [2011-11-11 14:08:06 | 002,145,304 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
    MOD - [2011-11-11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    MOD - [2011-08-12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
    MOD - [2010-03-24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    MOD - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
    MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll


    ========== Services (SafeList) ==========

    SRV - [2012-09-17 21:32:18 | 000,394,920 | ---- | M] (JRiver, Inc.) [On_Demand | Stopped] -- C:\Program Files\J River\Media Center 17\JRService.exe -- (Media Center 17 Service)
    SRV - [2012-09-10 19:05:26 | 000,446,664 | ---- | M] () [Auto | Running] -- C:\Program Files\Comodo\IceDragon\icedragon_updater.exe -- (IceDragonUpdater)
    SRV - [2012-09-08 12:38:57 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012-08-31 19:32:03 | 002,754,984 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
    SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
    SRV - [2012-07-30 10:48:16 | 001,518,504 | ---- | M] () [Auto | Running] -- C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe -- (AHDDC2)
    SRV - [2012-07-28 02:21:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2012-06-27 17:21:31 | 003,081,220 | ---- | M] (NCH Software) [On_Demand | Stopped] -- C:\Program Files\NCH Software\ExpressAccounts\expressaccounts.exe -- (ExpressAccountsService)
    SRV - [2012-06-07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2012-05-15 15:56:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
    SRV - [2012-05-15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
    SRV - [2012-04-23 16:16:08 | 000,484,304 | ---- | M] (AltrixSoft (http://www.altrixsoft.com/)) [On_Demand | Stopped] -- C:\Program Files\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe -- (HDDSvc)
    SRV - [2012-03-28 23:47:48 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\nlssrv32.exe -- (nlsX86cc)
    SRV - [2012-03-05 16:13:04 | 000,845,640 | ---- | M] (BinarySense, Inc.) [Auto | Running] -- C:\Program Files\Common Files\BinarySense\hldasvc.exe -- (HDDlife HDD Access service)
    SRV - [2012-02-16 13:49:28 | 002,310,544 | ---- | M] (WIBU-SYSTEMS AG) [Auto | Running] -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe)
    SRV - [2012-01-23 22:21:20 | 000,249,856 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\GSService.exe -- (GSService)
    SRV - [2011-12-26 21:04:20 | 002,090,016 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe -- (VSSERV)
    SRV - [2011-12-26 21:01:49 | 000,043,936 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe -- (Updatesrv)
    SRV - [2010-11-30 07:19:06 | 000,307,544 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
    SRV - [2010-07-23 12:24:48 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
    SRV - [2010-06-25 22:37:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
    SRV - [2010-03-25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
    SRV - [2009-08-24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo HDD Control 2\DfSdkS.exe -- (DfSdkS)
    SRV - [2009-07-14 06:46:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
    SRV - [2009-07-14 06:46:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009-07-14 06:46:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
    SRV - [2009-07-14 06:45:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2008-11-10 02:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nbdrv.sys -- (Nbdrv)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Vicky\AppData\Local\Temp\catchme.sys -- (catchme)
    DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ac08bro8)
    DRV - [2012-08-07 16:06:00 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn)
    DRV - [2012-06-24 14:38:10 | 000,158,144 | ---- | M] (Romex Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\fancyrd.sys -- (FancyRd)
    DRV - [2012-05-24 16:34:59 | 000,039,016 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
    DRV - [2012-05-24 16:34:53 | 000,031,848 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rrnetcap.sys -- (RRNetCapMP)
    DRV - [2012-05-24 16:34:53 | 000,031,848 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rrnetcap.sys -- (RRNetCap)
    DRV - [2012-05-15 15:56:00 | 011,354,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
    DRV - [2012-04-29 13:48:14 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
    DRV - [2012-04-29 13:46:40 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
    DRV - [2012-04-18 22:38:04 | 000,148,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
    DRV - [2012-02-02 21:08:40 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
    DRV - [2012-01-18 12:14:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
    DRV - [2011-12-26 21:03:38 | 000,122,552 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys -- (bdselfpr)
    DRV - [2011-12-26 21:02:05 | 000,306,320 | ---- | M] (BitDefender S.R.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\trufos.sys -- (Trufos)
    DRV - [2011-12-08 05:22:36 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
    DRV - [2011-12-08 05:22:36 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
    DRV - [2011-12-08 05:22:36 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
    DRV - [2011-11-07 16:18:14 | 000,039,048 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ren2cap.sys -- (REN2CAP_DRIVER)
    DRV - [2011-08-31 14:38:08 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)
    DRV - [2011-08-31 14:38:08 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)
    DRV - [2011-08-31 14:38:08 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)
    DRV - [2011-08-31 14:38:08 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)
    DRV - [2011-08-31 14:38:08 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)
    DRV - [2011-07-15 23:43:12 | 000,135,680 | ---- | M] (Oracle Corporation) [Kernel | Auto | Running] -- C:\Program Files\YouWave_Android\vb\VBoxDrv.sys -- (VBoxDrv)
    DRV - [2011-06-23 12:13:04 | 001,068,216 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\wcmvcam.sys -- (WCMVCAM)
    DRV - [2011-05-06 23:29:32 | 000,024,848 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lmvac.sys -- (LTXMD_VAC)
    DRV - [2011-03-24 15:36:18 | 000,353,096 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\System32\drivers\bdfsfltr.sys -- (bdfsfltr)
    DRV - [2010-11-29 14:12:20 | 001,066,232 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\avckf.sys -- (avckf)
    DRV - [2010-11-29 14:12:14 | 000,535,824 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\avc3.sys -- (avc3)
    DRV - [2010-11-20 18:00:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
    DRV - [2010-11-20 18:00:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
    DRV - [2010-11-20 18:00:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
    DRV - [2010-11-20 15:54:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV - [2010-11-20 15:29:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2010-11-20 14:44:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
    DRV - [2010-11-20 14:44:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
    DRV - [2010-08-20 18:41:54 | 000,088,144 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys -- (bdfwfpf)
    DRV - [2010-08-20 15:41:58 | 000,072,784 | ---- | M] (BitDefender) [Kernel | System | Running] -- c:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfndisf6.sys -- (Bdfndisf)
    DRV - [2010-06-25 22:37:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
    DRV - [2010-05-13 16:52:04 | 000,152,528 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bdfm.sys -- (bdfm)
    DRV - [2010-01-29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
    DRV - [2009-12-30 11:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
    DRV - [2009-07-14 05:15:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://in.yahoo.com/?fr=fp-spt_gen
    IE - HKLM\..\URLSearchHook: {3d175337-41e3-48eb-a754-493577f658b9} - No CLSID value found
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.in/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CC ED 73 4E 17 BB CC 01 [binary data]
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\SearchScopes\{48444E1A-FD18-45C6-92C1-3A8819B65AE0}: "URL" = http://in.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
    IE - HKCU\..\SearchScopes\{95853F18-90B6-4472-A2AD-3BFAF5F5A51F}: "URL" = http://www.google.com/search?q={sea...rce}&ie={inputEncoding?}&oe={outputEncoding?}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Custom search"
    FF - prefs.js..browser.search.defaulturl: ""
    FF - prefs.js..browser.search.selectedEngine: "Custom search"
    FF - prefs.js..browser.startup.homepage: "http://apype.com"
    FF - prefs.js..extensions.enabledAddons: optimizegoogle@optimizegoogle.com:0.79.1
    FF - prefs.js..extensions.enabledAddons: trafficlight@bitdefender.com:0.1.28
    FF - prefs.js..extensions.enabledAddons: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.15.1
    FF - prefs.js..extensions.enabledAddons: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.10
    FF - prefs.js..extensions.enabledAddons: {dc572301-7619-498c-a57d-39143191b318}:0.4.0.3
    FF - prefs.js..extensions.enabledAddons: FFToolbar@bitdefender.com:8.0
    FF - prefs.js..extensions.enabledAddons: {B5F5E8D3-AE31-49A1-AC42-78B7B1CC5CDC}:0.3.7.2
    FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15
    FF - prefs.js..extensions.enabledAddons: {FF2FA6A4-B3B1-11DD-B910-6C9A55D89593}:0.44
    FF - prefs.js..extensions.enabledAddons: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1.1
    FF - prefs.js..extensions.enabledAddons: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.7.9.1
    FF - prefs.js..keyword.URL: "http://apype.com/results.php?q="
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Vicky\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Vicky\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Vicky\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF - HKCU\Software\MozillaPlugins\@us-w1.rockmelt.com/RockMelt Update;version=8: C:\Users\Vicky\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll File not found

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\ [2012-06-08 00:37:26 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-07-13 17:48:17 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-09-08 12:38:57 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-09-08 12:38:55 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-06-14 01:11:47 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdtbext\ [2012-06-08 00:37:26 | 000,000,000 | ---D | M]

    [2011-12-24 23:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Extensions
    [2012-09-23 15:16:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions
    [2012-04-25 19:19:57 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
    [2012-09-16 21:10:41 | 000,000,000 | ---D | M] (Bazzacuda Image Saver Plus) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{FF2FA6A4-B3B1-11DD-B910-6C9A55D89593}
    [2012-08-24 18:48:32 | 000,024,018 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\customization@adblockplus.org.xpi
    [2012-09-13 11:42:12 | 000,067,038 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\fbp@fbpurity.com.xpi
    [2012-09-13 11:42:09 | 000,162,292 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\fbsidebardisabler@vittgam.net.xpi
    [2011-11-12 20:29:12 | 000,236,088 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\optimizegoogle@optimizegoogle.com.xpi
    [2012-02-10 18:52:01 | 000,792,865 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\trafficlight@bitdefender.com.xpi
    [2012-07-11 11:44:22 | 000,004,404 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\youtubeunblocker@unblocker.yt.xpi
    [2012-09-18 12:31:27 | 000,506,361 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
    [2011-08-12 07:58:54 | 000,021,093 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
    [2011-07-26 05:40:30 | 000,097,169 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
    [2012-09-11 12:23:53 | 000,021,014 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{B5F5E8D3-AE31-49A1-AC42-78B7B1CC5CDC}.xpi
    [2012-07-27 07:18:36 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2011-10-30 01:44:28 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
    [2012-07-21 22:46:07 | 000,702,524 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
    [2012-09-16 22:47:17 | 000,016,192 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}.xpi
    [2012-09-13 16:03:12 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\fhijf7ns.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
    [2012-09-08 12:38:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2012-09-08 12:38:54 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    [2012-09-08 12:38:54 | 000,000,000 | ---D | M] (TextAloud 3 Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{99a0337c-6303-4879-b72e-500fd9aaca8c}
    [2012-06-08 00:37:26 | 000,000,000 | ---D | M] ("BitDefender Antiphishing Toolbar") -- C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2011\BDAPHFFEXT
    [2012-09-08 12:38:57 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2009-07-31 13:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll
    [2012-07-13 17:47:55 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
    [2012-08-29 00:22:58 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2012-07-12 14:14:41 | 000,005,137 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\ergative.xml
    [2012-08-29 00:22:58 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
    [2010-12-09 02:51:24 | 000,002,224 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\webblog.xml

    O1 HOSTS File: ([2012-09-20 10:59:51 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (CmjBrowserHelperObject Object) - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O3 - HKLM\..\Toolbar: (Bitdefender Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\ietoolbar.dll (BitDefender S.R.L.)
    O3 - HKLM\..\Toolbar: (no name) - {3d175337-41e3-48eb-a754-493577f658b9} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
    O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe (BitDefender S.R.L.)
    O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
    O4 - HKCU..\Run: [Chameleon Folder] C:\Program Files\Chameleon Folder 2\chfolder.exe (NeoSoft Tools)
    O4 - HKCU..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
    O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
    O4 - Startup: C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mouse Button Control.lnk = C:\Program Files\ElectraSoft\mbc\MBC.EXE (ElectraSoft)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Add to Link Commander collection - Reg Error: Value error. File not found
    O8 - Extra context menu item: Download with Mipony - C:\Program Files\MiPony\Browser\IEContext.htm ()
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O8 - Extra context menu item: Send Image To MindManager - E:\Vicky\Installed\Mindjet MindManager\Mm8InternetExplorer.dll (Mindjet)
    O8 - Extra context menu item: Send Link To MindManager - E:\Vicky\Installed\Mindjet MindManager\Mm8InternetExplorer.dll (Mindjet)
    O8 - Extra context menu item: Send Page To MindManager - E:\Vicky\Installed\Mindjet MindManager\Mm8InternetExplorer.dll (Mindjet)
    O8 - Extra context menu item: Send Text To MindManager - E:\Vicky\Installed\Mindjet MindManager\Mm8InternetExplorer.dll (Mindjet)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Send to Mindjet MindManager - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{05C55753-A390-4370-BD93-BBB2EAB7A44D}: NameServer = 8.26.56.26,156.154.70.22
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009-06-11 03:12:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  14. vicky279 Newcomer, in training Posts: 51

    ========== Files/Folders - Created Within 30 Days ==========

    [2012-09-24 17:21:54 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Vicky\Desktop\aswMBR.exe
    [2012-09-24 00:59:50 | 000,601,600 | ---- | C] (OldTimer Tools) -- C:\Users\Vicky\Desktop\OTL.exe
    [2012-09-23 15:15:59 | 000,000,000 | ---D | C] -- C:\_OTL
    [2012-09-21 00:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
    [2012-09-20 11:04:43 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2012-09-20 10:59:55 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2012-09-20 10:58:11 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\temp
    [2012-09-19 23:40:16 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2012-09-19 23:40:16 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2012-09-19 23:40:16 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2012-09-19 23:39:33 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012-09-19 23:38:51 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
    [2012-09-18 22:21:26 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\PC Tools
    [2012-09-18 20:03:02 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\Threat Expert
    [2012-09-18 13:21:02 | 002,267,096 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll0947.old
    [2012-09-18 13:21:02 | 000,149,464 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll0947.old
    [2012-09-18 13:20:00 | 000,017,880 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctBTFix.sys
    [2012-09-18 13:19:46 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
    [2012-09-18 12:45:46 | 000,203,120 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys
    [2012-09-18 12:45:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
    [2012-09-18 12:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
    [2012-09-18 12:44:23 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\TestApp
    [2012-09-18 11:13:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mindjet
    [2012-09-17 23:28:50 | 000,025,088 | ---- | C] (TeamViewer GmbH) -- C:\Windows\System32\drivers\teamviewervpn.sys
    [2012-09-17 23:28:50 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
    [2012-09-17 23:27:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
    [2012-09-17 23:25:49 | 000,000,000 | ---D | C] -- C:\Users\Vicky\Documents\Calibre Library
    [2012-09-17 23:25:44 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\calibre
    [2012-09-17 23:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\Calibre2
    [2012-09-17 23:25:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
    [2012-09-17 23:23:17 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 5
    [2012-09-17 23:22:54 | 000,000,000 | ---D | C] -- C:\Program Files\FrostWire 5
    [2012-09-17 23:13:26 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\Usmania_Code
    [2012-09-17 23:13:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Usmania Code
    [2012-09-17 23:13:03 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Usmania Code
    [2012-09-17 23:13:03 | 000,000,000 | ---D | C] -- C:\Program Files\Usmania Code
    [2012-09-17 23:13:02 | 000,000,000 | R--D | C] -- C:\AHCache
    [2012-09-17 23:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Throttle
    [2012-09-17 23:12:09 | 000,000,000 | ---D | C] -- C:\Program Files\Throttle
    [2012-09-17 22:56:53 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\SurfAnonymousFree
    [2012-09-17 22:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\SurfAnonymousFree
    [2012-09-17 22:55:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CalcTape
    [2012-09-17 22:55:53 | 000,000,000 | ---D | C] -- C:\Program Files\CalcTape
    [2012-09-17 22:53:00 | 000,000,000 | ---D | C] -- C:\Users\Vicky\Documents\SMP Data
    [2012-09-17 22:52:50 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\DeskShare
    [2012-09-17 22:52:35 | 000,000,000 | ---D | C] -- C:\ProgramData\firebird
    [2012-09-17 22:52:34 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\DeskShare Data
    [2012-09-17 22:52:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Deskshare
    [2012-09-17 22:52:26 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\Spoon
    [2012-09-17 22:52:23 | 000,000,000 | ---D | C] -- C:\Program Files\Deskshare
    [2012-09-17 22:49:07 | 001,791,920 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.Controls.v13.1.0.ocx
    [2012-09-17 22:49:07 | 001,226,672 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.ReportControl.v13.1.0.ocx
    [2012-09-17 22:49:07 | 000,538,544 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.SkinFramework.Unicode.v12.0.2.ocx
    [2012-09-17 22:49:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reminder Commander
    [2012-09-17 22:49:06 | 002,320,304 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.CommandBars.v13.1.0.ocx
    [2012-09-17 22:49:06 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX
    [2012-09-17 22:49:06 | 000,089,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB5DB.DLL
    [2012-09-17 22:49:05 | 000,000,000 | ---D | C] -- C:\Program Files\Reminder Commander
    [2012-09-17 22:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Primo Ramdisk Ultimate Edition
    [2012-09-17 22:47:53 | 000,158,144 | ---- | C] (Romex Software) -- C:\Windows\System32\drivers\fancyrd.sys
    [2012-09-17 22:47:53 | 000,019,392 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\System32\drivers\rxbsknl.sys
    [2012-09-17 22:47:52 | 000,000,000 | ---D | C] -- C:\Program Files\Primo Ramdisk Ultimate Edition
    [2012-09-17 22:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Photo Stamp Remover
    [2012-09-17 22:41:20 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mouse Button Control
    [2012-09-17 22:41:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse Button Control
    [2012-09-17 22:40:59 | 000,000,000 | ---D | C] -- C:\mbc
    [2012-09-17 22:39:21 | 000,000,000 | ---D | C] -- C:\Users\Vicky\Documents\RobotSoft
    [2012-09-17 22:39:21 | 000,000,000 | ---D | C] -- C:\Program Files\RobotSoft
    [2012-09-17 22:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse and Keyboard Recorder
    [2012-09-17 22:38:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mirabyte Feed Writer
    [2012-09-17 22:38:31 | 000,000,000 | ---D | C] -- C:\Program Files\mirabyte
    [2012-09-17 22:37:05 | 000,005,632 | ---- | C] (Tracker Software) -- C:\Windows\System32\pxc25pm.dll
    [2012-09-17 22:37:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange 3
    [2012-09-17 22:36:53 | 000,000,000 | ---D | C] -- C:\Users\Vicky\Documents\My Maps
    [2012-09-17 22:36:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mindjet MindManager 2012
    [2012-09-17 22:36:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Mindjet
    [2012-09-17 22:35:28 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\{9D53112B-37A1-4DBB-8E9C-CDC5FFF46604}
    [2012-09-17 22:32:45 | 000,000,000 | ---D | C] -- C:\Users\Vicky\Documents\Maxprog
    [2012-09-17 22:32:45 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Maxprog
    [2012-09-17 22:32:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMail Extractor
    [2012-09-17 22:32:35 | 000,000,000 | ---D | C] -- C:\Program Files\eMail Extractor
    [2012-09-17 22:31:18 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\CommonDataMSI
    [2012-09-17 22:31:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LineReader
    [2012-09-17 22:31:14 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Iconico
    [2012-09-17 22:31:13 | 000,000,000 | ---D | C] -- C:\Program Files\LineReader
    [2012-09-17 22:30:24 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\MyPhoneExplorer
    [2012-09-17 22:30:18 | 000,000,000 | ---D | C] -- C:\Program Files\MyPhoneExplorer
    [2012-09-17 22:27:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sketchpad
    [2012-09-17 22:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\GtkSharp
    [2012-09-17 22:22:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kepard
    [2012-09-17 22:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\Kepard
    [2012-09-17 22:20:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChordWizard Music Theory 3.0
    [2012-09-17 22:20:53 | 000,000,000 | ---D | C] -- C:\Program Files\ChordWizard
    [2012-09-17 21:31:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JRiver Media Center 17
    [2012-09-17 21:30:00 | 000,381,608 | ---- | C] (JRiver, Inc.) -- C:\Windows\System32\MC17.exe
    [2012-09-17 21:29:59 | 000,585,728 | ---- | C] (Audible Inc.) -- C:\Windows\System32\AReadyLB.dll
    [2012-09-17 21:29:59 | 000,229,376 | ---- | C] (Audible Inc.) -- C:\Windows\System32\AudDevicePlugin.dll
    [2012-09-17 21:29:58 | 000,000,000 | ---D | C] -- C:\Program Files\J River
    [2012-09-17 21:29:41 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\J River
    [2012-09-17 21:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Halotea
    [2012-09-17 21:25:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Mirolit
    [2012-09-17 21:25:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mirolit
    [2012-09-17 21:23:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geometry Expressions v3.0
    [2012-09-17 21:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\Geometry Expressions v3.0
    [2012-09-17 21:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gammadyne
    [2012-09-17 21:21:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System-G
    [2012-09-17 21:21:00 | 000,000,000 | ---D | C] -- C:\Program Files\Gammadyne Mailer
    [2012-09-17 21:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ThunderSoft
    [2012-09-17 21:19:52 | 000,000,000 | ---D | C] -- C:\Program Files\ThunderSoft
    [2012-09-17 21:17:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DreamCalc DC4P
    [2012-09-17 21:17:49 | 000,000,000 | ---D | C] -- C:\Program Files\DreamCalc DC4P
    [2012-09-17 21:16:34 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\DiskSpaceFan
    [2012-09-17 21:16:29 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disk Space Fan 4
    [2012-09-17 21:16:29 | 000,000,000 | ---D | C] -- C:\Program Files\Cookapp
    [2012-09-17 21:14:59 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Direct Folders
    [2012-09-17 21:14:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Direct Folders
    [2012-09-17 21:14:32 | 000,000,000 | ---D | C] -- C:\Program Files\Direct Folders
    [2012-09-17 21:11:28 | 000,000,000 | ---D | C] -- C:\Users\Vicky\Documents\Anthemion Writer's Café 2.32
    [2012-09-17 21:07:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitTorrent Ultra Accelerator
    [2012-09-17 21:07:15 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrent Ultra Accelerator
    [2012-09-17 21:05:33 | 000,000,000 | ---D | C] -- C:\Program Files\Tint Guide
    [2012-09-17 21:05:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beauty Guide
    [2012-09-17 21:05:32 | 000,000,000 | ---D | C] -- C:\Program Files\Beauty Guide
    [2012-09-17 21:01:08 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Scooter Software
    [2012-09-17 21:01:03 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beyond Compare 3
    [2012-09-17 21:01:01 | 000,000,000 | ---D | C] -- C:\Program Files\Beyond Compare 3
    [2012-09-17 20:51:53 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo
    [2012-09-17 20:51:49 | 000,028,160 | ---- | C] (mst software GmbH, Germany) -- C:\Windows\System32\DfSdkBt.exe
    [2012-09-17 20:51:44 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
    [2012-09-17 20:49:04 | 000,000,000 | ---D | C] -- C:\Users\Vicky\Documents\Writer's Cafe Documents
    [2012-09-17 20:49:04 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Writer's Cafe 2
    [2012-09-17 20:48:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anthemion Writer's Café 2.32
    [2012-09-17 20:48:14 | 000,000,000 | ---D | C] -- C:\Program Files\Writer's Cafe 2
    [2012-09-17 20:46:55 | 000,000,000 | ---D | C] -- C:\Program Files\Acmework
    [2012-09-15 02:29:43 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\dvdcss
    [2012-09-13 17:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office 2010 Trial Extender
    [2012-09-13 17:32:30 | 000,000,000 | ---D | C] -- C:\Program Files\Office 2010 Trial Extender
    [2012-09-08 12:38:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2012-09-05 04:29:25 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\Apple Computer
    [2012-09-03 13:43:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
    [2012-09-03 13:43:46 | 000,000,000 | ---D | C] -- C:\Program Files\RocketDock
    [2012-09-03 12:21:02 | 003,405,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsrchvw.exe
    [2012-09-03 12:20:59 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\StikyNot.exe
    [2012-09-03 12:20:58 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SoundRecorder.exe
    [2012-09-03 12:20:57 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
    [2012-09-03 12:20:56 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
    [2012-09-03 12:20:55 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
    [2012-09-03 12:20:51 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
    [2012-09-03 12:20:50 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe
    [2012-09-03 12:20:47 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msra.exe
    [2012-09-03 12:20:46 | 006,376,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspaint.exe
    [2012-09-03 12:20:45 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
    [2012-09-03 12:20:44 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
    [2012-09-03 12:20:41 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
    [2012-09-03 12:20:40 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
    [2012-09-03 12:20:39 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
    [2012-09-03 12:20:37 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
    [2012-09-03 12:20:36 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
    [2012-09-03 12:20:34 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
    [2012-09-03 12:20:34 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DisplaySwitch.exe
    [2012-09-03 12:20:33 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\control.exe
    [2012-09-03 12:20:32 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colorcpl.exe
    [2012-09-03 12:20:31 | 000,212,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cleanmgr.exe
    [2012-09-03 12:20:30 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\charmap.exe
    [2012-09-03 12:20:29 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
    [2012-09-03 12:20:27 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
    [2012-09-03 12:20:24 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
    [2012-09-03 12:20:23 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imagesp1.dll
    [2012-09-03 12:20:20 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.dll
    [2012-09-03 12:20:14 | 020,268,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imageres.dll
    [2012-09-03 12:20:13 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
    [2012-09-03 12:20:12 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
    [2012-09-03 12:20:11 | 000,379,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
    [2012-09-03 12:20:10 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
    [2012-09-03 12:20:07 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
    [2012-09-02 11:51:39 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Rovio
    [2012-09-02 11:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio
    [2012-09-01 13:35:38 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
    [2012-09-01 13:35:31 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
    [2012-09-01 13:35:31 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
    [2012-09-01 13:35:31 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
    [2012-08-30 13:16:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ProcessLasso
    [2012-08-30 13:16:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso
    [2012-08-30 13:15:47 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\ProcessLasso
    [2012-08-30 13:15:46 | 000,000,000 | ---D | C] -- C:\Program Files\Process Lasso
    [2012-08-30 12:35:19 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Wise Disk Cleaner
    [2012-08-30 12:32:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Research
    [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
    [1 C:\Users\Vicky\Documents\*.tmp files -> C:\Users\Vicky\Documents\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012-09-26 14:24:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-499340394-4099650204-2415665824-1000UA.job
    [2012-09-26 10:24:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-499340394-4099650204-2415665824-1000Core.job
    [2012-09-25 22:11:41 | 000,017,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012-09-25 22:11:41 | 000,017,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012-09-25 22:04:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012-09-25 22:04:11 | 2415,370,240 | -HS- | M] () -- C:\hiberfil.sys
    [2012-09-25 16:30:16 | 000,513,501 | ---- | M] () -- C:\Users\Vicky\Desktop\adwcleaner.exe
    [2012-09-25 15:01:11 | 000,000,264 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
    [2012-09-24 17:23:17 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Vicky\Desktop\aswMBR.exe
    [2012-09-24 00:59:52 | 000,601,600 | ---- | M] (OldTimer Tools) -- C:\Users\Vicky\Desktop\OTL.exe
    [2012-09-20 10:59:51 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2012-09-19 22:18:18 | 000,215,597 | ---- | M] () -- C:\Users\Vicky\Desktop\bookmarks-2012-09-19.json
    [2012-09-19 20:26:14 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
    [2012-09-18 22:20:42 | 001,318,816 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
    [2012-09-18 18:07:04 | 000,000,034 | ---- | M] () -- C:\Program Files\Mozilla Firefoxoverride.ini
    [2012-09-18 01:56:47 | 000,449,328 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2012-09-18 01:56:14 | 000,000,048 | -HS- | M] () -- C:\Windows\rmtf32-k289371-all.dat
    [2012-09-17 23:23:17 | 000,001,211 | ---- | M] () -- C:\Users\Vicky\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.3.9.lnk
    [2012-09-17 23:21:47 | 000,000,007 | ---- | M] () -- C:\Users\Vicky\AppData\Local\~wmrg
    [2012-09-17 22:42:17 | 000,001,841 | ---- | M] () -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mouse Button Control.lnk
    [2012-09-17 22:36:42 | 000,002,902 | ---- | M] () -- C:\Users\Vicky\Application Data\Microsoft\Internet Explorer\Quick Launch\Mindjet MindManager 2012.lnk
    [2012-09-17 22:33:07 | 000,000,049 | -H-- | M] () -- C:\Users\Vicky\AppData\Roaming\eMail Extractor registration.ini
    [2012-09-17 22:28:11 | 000,001,536 | ---- | M] () -- C:\Users\Vicky\AppData\Roaming\Sketchpad 5 Preferences.dat
    [2012-09-17 22:22:16 | 000,001,821 | ---- | M] () -- C:\Users\Vicky\Application Data\Microsoft\Internet Explorer\Quick Launch\Kepard.lnk
    [2012-09-17 21:19:25 | 000,001,775 | ---- | M] () -- C:\Users\Vicky\AppData\Roaming\DreamCalc DC4P.dat
    [2012-09-17 21:07:15 | 000,001,229 | ---- | M] () -- C:\Users\Vicky\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent Ultra Accelerator.lnk
    [2012-09-14 22:11:24 | 000,663,522 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2012-09-14 22:11:24 | 000,121,860 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2012-09-14 16:45:25 | 000,000,000 | ---- | M] () -- C:\Windows\System32\dvdtest10024.dat
    [2012-09-05 16:40:12 | 000,046,690 | ---- | M] () -- C:\Windows\System32\YuoTubeDownloader.xpi
    [2012-09-01 13:35:25 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
    [2012-09-01 13:35:24 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
    [2012-09-01 13:35:24 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
    [2012-09-01 13:35:23 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
    [2012-09-01 13:35:23 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
    [2012-09-01 13:35:23 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
    [2012-08-30 13:11:20 | 000,002,256 | ---- | M] () -- C:\Windows\System32\ASOROSet.bin
    [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
    [1 C:\Users\Vicky\Documents\*.tmp files -> C:\Users\Vicky\Documents\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012-09-25 16:30:01 | 000,513,501 | ---- | C] () -- C:\Users\Vicky\Desktop\adwcleaner.exe
    [2012-09-19 23:40:16 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2012-09-19 23:40:16 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2012-09-19 23:40:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2012-09-19 23:40:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2012-09-19 23:40:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2012-09-19 22:18:16 | 000,215,597 | ---- | C] () -- C:\Users\Vicky\Desktop\bookmarks-2012-09-19.json
    [2012-09-18 13:21:03 | 000,767,960 | ---- | C] () -- C:\Windows\BDTSupport.dll0947.old
    [2012-09-18 12:45:54 | 001,318,816 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
    [2012-09-18 01:56:14 | 000,000,048 | -HS- | C] () -- C:\Windows\rmtf32-k289371-all.dat
    [2012-09-17 23:29:00 | 000,001,132 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
    [2012-09-17 23:23:17 | 000,001,211 | ---- | C] () -- C:\Users\Vicky\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.3.9.lnk
    [2012-09-17 23:20:47 | 000,000,007 | ---- | C] () -- C:\Users\Vicky\AppData\Local\~wmrg
    [2012-09-17 22:44:11 | 000,000,034 | ---- | C] () -- C:\Program Files\Mozilla Firefoxoverride.ini
    [2012-09-17 22:41:19 | 000,001,841 | ---- | C] () -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mouse Button Control.lnk
    [2012-09-17 22:36:42 | 000,002,902 | ---- | C] () -- C:\Users\Vicky\Application Data\Microsoft\Internet Explorer\Quick Launch\Mindjet MindManager 2012.lnk
    [2012-09-17 22:33:07 | 000,000,049 | -H-- | C] () -- C:\Users\Vicky\AppData\Roaming\eMail Extractor registration.ini
    [2012-09-17 22:28:11 | 000,001,536 | ---- | C] () -- C:\Users\Vicky\AppData\Roaming\Sketchpad 5 Preferences.dat
    [2012-09-17 22:22:16 | 000,001,821 | ---- | C] () -- C:\Users\Vicky\Application Data\Microsoft\Internet Explorer\Quick Launch\Kepard.lnk
    [2012-09-17 21:29:59 | 000,183,129 | ---- | C] () -- C:\Windows\System32\AM Install1.INF
    [2012-09-17 21:19:12 | 000,001,775 | ---- | C] () -- C:\Users\Vicky\AppData\Roaming\DreamCalc DC4P.dat
    [2012-09-17 21:07:15 | 000,001,229 | ---- | C] () -- C:\Users\Vicky\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent Ultra Accelerator.lnk
    [2012-09-17 20:46:56 | 000,003,019 | ---- | C] () -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cropping Tool.lnk
    [2012-09-17 20:46:56 | 000,003,019 | ---- | C] () -- C:\Users\Vicky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acme ID Card Maker 5.0.lnk
    [2012-09-05 16:40:12 | 000,046,690 | ---- | C] () -- C:\Windows\System32\YuoTubeDownloader.xpi
    [2012-07-20 12:07:48 | 000,034,308 | ---- | C] () -- C:\Windows\System32\LB603.dll
    [2012-07-20 12:06:58 | 000,157,696 | ---- | C] () -- C:\Windows\System32\asxtract.dll
    [2012-07-14 13:04:19 | 000,393,256 | ---- | C] () -- C:\Windows\System32\CNQ2414N.DAT
    [2012-07-12 15:18:58 | 000,000,046 | ---- | C] () -- C:\Windows\System32\DonationCoder_desktopcoral_InstallInfo.dat
    [2012-07-12 15:18:58 | 000,000,046 | ---- | C] () -- C:\Users\Vicky\AppData\Local\DonationCoder_desktopcoral_InstallInfo.dat
    [2012-07-04 14:56:36 | 000,000,218 | ---- | C] () -- C:\Users\Vicky\AppData\Local\recently-used.xbel
    [2012-06-14 12:32:14 | 002,621,723 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
    [2012-06-09 06:52:40 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
    [2012-06-08 10:50:34 | 000,000,103 | ---- | C] () -- C:\Windows\System32\_system.ini
    [2012-06-08 09:57:00 | 000,107,008 | ---- | C] () -- C:\Windows\poetunin.exe
    [2012-06-08 09:56:22 | 000,077,824 | ---- | C] () -- C:\Windows\zipexe_r.exe
    [2012-05-25 23:06:49 | 000,454,656 | ---- | C] () -- C:\Windows\System32\PaintX.dll
    [2012-05-15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
    [2012-05-13 19:55:04 | 000,002,075 | ---- | C] () -- C:\Users\Vicky\AppData\Roaming\SAS7_000.DAT
    [2012-04-21 09:24:19 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\qhwm.sys
    [2012-03-11 22:35:11 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
    [2012-03-11 22:35:11 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
    [2012-03-11 20:58:34 | 000,155,136 | ---- | C] () -- C:\Windows\System32\AI_ContextMenu.dll
    [2012-03-06 00:31:32 | 000,000,001 | ---- | C] () -- C:\ProgramData\RandWTTime.dat
    [2012-03-05 23:45:17 | 000,000,026 | -H-- | C] () -- C:\ProgramData\.6b14a35055fac291a0de744e5b9ee9ec.dat
    [2012-03-05 23:34:25 | 000,036,864 | ---- | C] () -- C:\Windows\System32\pdf995mon.dll
    [2012-03-05 23:34:25 | 000,000,160 | ---- | C] () -- C:\Windows\wpd99.drv
    [2012-03-03 15:58:36 | 000,000,120 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
    [2012-03-02 20:44:59 | 000,005,002 | ---- | C] () -- C:\ProgramData\mxnhytee.feu
    [2012-03-01 23:13:56 | 000,000,100 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
    [2012-03-01 02:33:09 | 000,000,041 | ---- | C] () -- C:\Users\Vicky\ziprecovery.ini
    [2012-03-01 02:32:20 | 000,000,041 | ---- | C] () -- C:\Users\Vicky\rarrecovery.ini
    [2012-03-01 02:17:54 | 000,000,990 | ---- | C] () -- C:\Windows\System32\dcimam45.sys
    [2012-02-29 23:52:21 | 000,006,852 | ---- | C] () -- C:\Windows\System32\drivers\Vcs.sys
    [2012-01-26 01:26:55 | 000,249,856 | ---- | C] () -- C:\Windows\System32\GSService.exe
    [2012-01-25 23:30:15 | 000,039,048 | ---- | C] () -- C:\Windows\System32\drivers\ren2cap.sys
    [2012-01-21 19:41:06 | 000,248,832 | ---- | C] () -- C:\Users\Vicky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012-01-21 19:39:24 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
    [2012-01-21 19:14:27 | 001,053,056 | ---- | C] () -- C:\Windows\System32\drivers\V2WCDRV.sys
    [2012-01-18 04:07:07 | 000,002,256 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin
    [2012-01-01 23:16:36 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
    [2012-01-01 23:16:36 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
    [2012-01-01 23:16:36 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
    [2012-01-01 23:16:36 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
    [2012-01-01 23:16:36 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
    [2012-01-01 23:16:36 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
    [2012-01-01 23:16:36 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
    [2012-01-01 23:16:36 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
    [2012-01-01 23:16:36 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
    [2012-01-01 23:16:36 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
    [2012-01-01 23:16:36 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
    [2012-01-01 23:16:36 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
    [2012-01-01 23:16:36 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
    [2012-01-01 23:16:36 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
    [2012-01-01 23:16:36 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
    [2012-01-01 23:16:36 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
    [2012-01-01 23:16:36 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
    [2012-01-01 23:16:36 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
    [2012-01-01 23:16:36 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
    [2012-01-01 23:15:59 | 000,126,976 | ---- | C] () -- C:\Windows\System32\EEBAPI.dll
    [2012-01-01 23:15:59 | 000,094,208 | ---- | C] () -- C:\Windows\System32\EEBDSCVR.dll
    [2012-01-01 23:15:59 | 000,049,152 | ---- | C] () -- C:\Windows\System32\EBAPI.dll
    [2012-01-01 21:39:18 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini
    [2012-01-01 20:32:54 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
    [2012-01-01 19:44:44 | 000,794,906 | ---- | C] () -- C:\Windows\unins000.exe
    [2012-01-01 19:44:44 | 000,004,027 | ---- | C] () -- C:\Windows\unins000.dat
    [2012-01-01 19:13:08 | 000,000,000 | ---- | C] () -- C:\Windows\System32\dvdtest10024.dat
    [2011-12-29 01:44:43 | 000,000,058 | ---- | C] () -- C:\Windows\System32\DonationCoder_ScreenshotCaptor_InstallInfo.dat
    [2011-12-29 01:44:43 | 000,000,058 | ---- | C] () -- C:\Users\Vicky\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
    [2011-12-27 18:45:44 | 000,002,033 | ---- | C] () -- C:\ProgramData\search_result.xml
    [2011-12-26 21:25:06 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
    [2011-12-26 20:36:14 | 000,655,512 | ---- | C] () -- C:\ProgramData\bdinstall.bin
    [2011-12-26 20:04:11 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
    [2011-12-26 19:19:13 | 000,029,462 | ---- | C] () -- C:\Windows\System32\netaf932.dll
    [2011-11-17 07:10:38 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
    [2011-10-09 02:52:38 | 000,315,392 | ---- | C] ( ) -- C:\Windows\System32\sbcrreag.dll
    [2011-08-12 12:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
    [2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
    [2011-01-21 12:30:06 | 000,311,296 | ---- | C] () -- C:\Windows\System32\EmRegSys.dll
    [2010-07-08 10:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe

    ========== ZeroAccess Check ==========

    [2009-07-14 10:12:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2011-08-30 09:51:25 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 06:46:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== Files - Unicode (All) ==========
    [2011-12-26 20:49:26 | 000,000,000 | ---- | M] ()(C:\Windows\System32\?????) -- C:\Windows\System32\獷楬汢捯污
    [2011-12-26 20:49:26 | 000,000,000 | ---- | C] ()(C:\Windows\System32\?????) -- C:\Windows\System32\獷楬汢捯污

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:55B41E6A

    < End of report >
  15. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Open OTL, copy and paste this in to the Custom Scans/Fixes box and hit Run Fix:


    Post the fix log once done.
  16. vicky279 Newcomer, in training Posts: 51

    The homepage was unaffected. It still changes back. I am also not able to make changes to add-on settings. I need to uninstall some programs to make space. Can I do that? I was going to transfer some files to my external hard drive before the system got infected. Now I am scared to connect it.

    ========== OTL ==========
    Error: No service named ac08bro8 was found to stop!
    Service\Driver key ac08bro8 not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{3d175337-41e3-48eb-a754-493577f658b9} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d175337-41e3-48eb-a754-493577f658b9}\ not found.
    Prefs.js: "Custom search" removed from browser.search.defaultenginename
    Prefs.js: "" removed from browser.search.defaulturl
    Prefs.js: "Custom search" removed from browser.search.selectedEngine
    Prefs.js: "http://apype.com" removed from browser.startup.homepage
    Prefs.js: "http://apype.com/results.php?q=" removed from keyword.URL
    C:\Program Files\Mozilla Firefox\searchplugins\ergative.xml moved successfully.
    C:\Program Files\Mozilla Firefox\searchplugins\webblog.xml moved successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3d175337-41e3-48eb-a754-493577f658b9} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d175337-41e3-48eb-a754-493577f658b9}\ not found.
    C:\Users\Vicky\AppData\Local\~wmrg moved successfully.
    C:\Windows\System32\獷楬汢捯污 moved successfully.
    File C:\Windows\System32\獷楬汢捯污 not found.
    ADS C:\ProgramData\Temp:55B41E6A deleted successfully.

    OTL by OldTimer - Version 3.2.66.0 log created on 09272012_043534
  17. Jay Pfoutz Malware Helper Posts: 4,286   +49

  18. vicky279 Newcomer, in training Posts: 51

    Reset didn't work, so I copied and replaced all new files with previous ones. Noticed one change though. The homepage showed search.starburnsoftware dot com in the address bar after the reset, but it was still apype dot com in the options then. It changed back to showing starwebsearch dot com in the address bar after I replaced all profile files. I really need to quickly free up some space on my computer, so I want to delete some software. Can I use Revo Uninstaller? I also want to uninstall Bitdefender Internet Security 2011 and install Bitdefender Total Security 2013. That might catch the virus; it's pretty advanced.
  19. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Okay. Remove some programs, then. Windows Programs List should be enough; just access it from the Control Panel. It should be fine.

    Please also uninstall Firefox and IceDragon and reinstall both of them.

    Let me know if problems continue.
  20. vicky279 Newcomer, in training Posts: 51

    Okay, this is probably my mistake, or maybe you forgot to mention it, whatever. I had come across a thread similar to this one on this forum, which is why I decided to ask for help here. I haven't tried any of the virus removal instructions on that thread, but since we have run out of everything, I searched for that thread to check out what really solved the problem. I found that while running the Avast virus removal tool, I hadn't updated the virus definitions first. So now I scanned after updating it. I didn't click on fix, as you had instructed. Here are the logs. Can you please see them and try one more time to fix this? Thanks a lot for your time. If reinstalling Firefox is the only option, can I make a backup of bookmarks so that I can recover them after reinstalling, or will that make the virus come back?