OTL logfile created on: 9/18/2013 9:56:12 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = J:\
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.99 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 57.95% Memory free
5.98 Gb Paging File | 4.71 Gb Available in Paging File | 78.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 283.03 Gb Total Space | 124.71 Gb Free Space | 44.06% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 7.57 Gb Free Space | 50.45% Space Free | Partition Type: NTFS
Drive J: | 959.97 Mb Total Space | 534.50 Mb Free Space | 55.68% Space Free | Partition Type: FAT

Computer Name: DEL-PC | User Name: Del | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/18 21:50:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- J:\OTL.exe
PRC - [2013/09/04 12:14:30 | 000,563,200 | ---- | M] (BrowserSafeguard) -- C:\Program Files\Browsersafeguard\BrowserSafeguard.exe
PRC - [2013/02/02 03:27:40 | 000,045,056 | ---- | M] (Intuit) -- c:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2012/11/01 22:34:08 | 000,062,336 | ---- | M] (DigitalAlbum Inc) -- C:\Program Files\CamToPrint\PassportPhoto\CamToPrintTray.exe
PRC - [2012/08/23 11:42:52 | 001,229,104 | ---- | M] (Anvisoft) -- C:\Program Files\Anvisoft\Anvi Smart Defender\ASDTray.exe
PRC - [2012/08/23 11:42:50 | 000,686,896 | ---- | M] (Anvisoft) -- C:\Program Files\Anvisoft\Anvi Smart Defender\ASDSrv.exe
PRC - [2012/04/11 15:43:09 | 000,232,472 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
PRC - [2012/02/21 12:48:21 | 001,543,704 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
PRC - [2011/08/24 18:30:58 | 000,430,136 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/10/08 16:15:13 | 000,163,056 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
PRC - [2010/09/21 17:16:17 | 000,439,536 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\AutoUpdate\ALMon.exe
PRC - [2010/06/04 12:23:16 | 000,097,520 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
PRC - [2010/04/27 22:31:19 | 000,128,240 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\Sophos Client Firewall\SCFManager.exe
PRC - [2010/04/27 22:31:19 | 000,032,496 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\Sophos Client Firewall\SCFService.exe
PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

========== Modules (No Company Name) ==========

MOD - [2013/02/14 19:30:21 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a97f4e39d47dc3d5098150a8b14a9662\Microsoft.VisualBasic.ni.dll
MOD - [2013/02/14 19:26:18 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\05682429807d34d6ff05a77ea153935f\System.Windows.Forms.ni.dll
MOD - [2013/01/10 21:36:52 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll
MOD - [2013/01/10 21:36:33 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10aba2c167cc1119b80159fd9ac71ca8\System.Xml.ni.dll
MOD - [2013/01/10 21:36:29 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\96a3b737db1e72adaf32d2b350e50c23\System.Configuration.ni.dll
MOD - [2013/01/10 21:36:28 | 007,974,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll
MOD - [2013/01/10 21:36:21 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll
MOD - [2012/08/23 11:42:40 | 000,784,688 | ---- | M] () -- C:\Program Files\Anvisoft\Anvi Smart Defender\sqlite3.dll

========== Services (SafeList) ==========

SRV - [2013/02/02 03:27:40 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- c:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2012/08/23 11:42:50 | 000,686,896 | ---- | M] (Anvisoft) [Auto | Running] -- C:\Program Files\Anvisoft\Anvi Smart Defender\ASDSrv.exe -- (asdsrv)
SRV - [2012/04/11 15:43:09 | 000,232,472 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe -- (Sophos AutoUpdate Service)
SRV - [2012/02/21 12:48:21 | 001,543,704 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe -- (swi_service)
SRV - [2011/08/24 18:30:58 | 000,430,136 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/10/08 16:15:13 | 000,163,056 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe -- (SAVAdminService)
SRV - [2010/07/07 18:40:24 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/06/04 12:23:16 | 000,097,520 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe -- (SAVService)
SRV - [2010/04/27 22:31:19 | 000,128,240 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\Sophos Client Firewall\SCFManager.exe -- (Sophos Client Firewall Manager)
SRV - [2010/04/27 22:31:19 | 000,032,496 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\Sophos Client Firewall\SCFService.exe -- (Sophos Client Firewall)
SRV - [2009/07/23 22:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- c:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

========== Driver Services (SafeList) ==========

DRV - [2012/08/20 10:23:36 | 000,022,864 | ---- | M] (Anvisoft) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\asdrs.sys -- (asdrs)
DRV - [2012/08/20 10:23:36 | 000,016,208 | ---- | M] (Anvisoft) [File_System | System | Running] -- C:\Windows\System32\drivers\asdrm.sys -- (asdrm)
DRV - [2012/08/20 10:23:36 | 000,014,160 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\asdws.sys -- (asdws)
DRV - [2012/06/30 11:40:52 | 000,021,520 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Stopped] -- c:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso.sys -- (RapportIaso)
DRV - [2012/05/19 18:50:39 | 000,053,312 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pssdklbf.sys -- (PSSDKLBF)
DRV - [2012/05/19 18:50:39 | 000,038,976 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pssdk42.sys -- (PSSDK42)
DRV - [2011/03/18 17:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2010/10/08 16:14:55 | 000,122,360 | ---- | M] (Sophos Plc) [File_System | System | Running] -- C:\Windows\System32\drivers\savonaccess.sys -- (SAVOnAccess)
DRV - [2010/07/28 10:19:28 | 000,058,112 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\silabser.sys -- (silabser)
DRV - [2010/07/28 10:19:28 | 000,047,176 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\silabenm.sys -- (silabenm)
DRV - [2010/03/31 17:32:28 | 000,086,520 | ---- | M] (Sophos Plc) [Kernel | System | Running] -- C:\Windows\System32\drivers\scfdriver.sys -- (scfdriver)
DRV - [2010/03/31 17:32:28 | 000,040,440 | ---- | M] (Sophos Plc) [Kernel | System | Running] -- C:\Windows\System32\drivers\scflwf.sys -- (scflwf)
DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009/02/09 11:06:53 | 000,022,536 | ---- | M] (Sophos Plc) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\SophosBootDriver.sys -- (SophosBootDriver)
DRV - [2004/10/26 11:22:50 | 000,002,410 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO)
DRV - [1996/04/03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{110a9ea2-8810-4c04-b916-cfd4e9427fec}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZXxdm040YYgb&ptnrS=ZXxdm040YYgb&si=radiopi&ptb=16D41628-27C8-4D48-A9C8-AE7E41143896&ind=2012120214&n=77ee8496&psa=&st=sb&searchfor={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3267663&CUI=UN16731329631082750
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www2.delta-search.com/?babsrc=HP_ss&mntrId=84CE0024E811B7DB&affID=121240&tt=160913_m1&tsp=5009
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {9030D759-13CA-4736-91E2-377D759CFB96}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=84CE0024E811B7DB&affID=121240&tt=160913_m1&tsp=5009
IE - HKCU\..\SearchScopes\{110a9ea2-8810-4c04-b916-cfd4e9427fec}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZXxdm040YYgb&ptnrS=ZXxdm040YYgb&si=radiopi&ptb=16D41628-27C8-4D48-A9C8-AE7E41143896&ind=2012120214&n=77ee8496&psa=&st=sb&searchfor={searchTerms}
IE - HKCU\..\SearchScopes\{9030D759-13CA-4736-91E2-377D759CFB96}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3267663&CUI=UN16731329631082750
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49164;https=127.0.0.1:49164;

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\7go02@7go.com: C:\Users\Del\AppData\Roaming\Mozilla\Extensions\7go02@7go.com [2013/09/18 15:47:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\speedanalysis03@SpeedAnalysis.com: C:\Users\Del\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com [2013/09/18 15:47:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\7go02@7go.com: C:\Users\Del\AppData\Roaming\Mozilla\Extensions\7go02@7go.com [2013/09/18 15:47:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\speedanalysis03@SpeedAnalysis.com: C:\Users\Del\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com [2013/09/18 15:47:46 | 000,000,000 | ---D | M]

[2013/09/18 15:47:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Del\AppData\Roaming\Mozilla\Extensions
[2013/09/18 15:47:46 | 000,000,000 | ---D | M] (Games by 7Go) -- C:\Users\Del\AppData\Roaming\Mozilla\Extensions\7go02@7go.com
[2013/09/18 15:47:46 | 000,000,000 | ---D | M] (Speed Analysis 3) -- C:\Users\Del\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com
[2013/09/18 15:41:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files\Sophos\Sophos Anti-Virus\SophosBHO.dll (Sophos Plc)
O2 - BHO: (Protect My Choices (Beta)) - {3DFCDCA1-AEAC-4302-A690-BFB683568BAA} - C:\Program Files\DigitalAdvertisingAlliance\Protect My Choices\pmc.dll (Digital Advertising Alliance)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3BBD3C14-4C16-4989-8366-95BC9179779D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - No CLSID value found.
O4 - HKLM..\Run: [Anvi Smart Defender] C:\Program Files\Anvisoft\Anvi Smart Defender\ASDTray.exe (Anvisoft)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Sophos AutoUpdate Monitor] C:\Program Files\Sophos\AutoUpdate\ALMon.exe (Sophos Plc)
O4 - HKCU..\Run: [BrowserSafeguard] C:\Program Files\Browsersafeguard\BrowserSafeguard.exe (BrowserSafeguard)
O4 - Startup: C:\Users\Del\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Passport Photo.lnk = C:\Program Files\CamToPrint\PassportPhoto\CamToPrintTray.exe (DigitalAlbum Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc)
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0A43D7AC-D6C1-4622-B309-BF975F427C0E} https://internetbankingplus1.firstdirect.com/ibplus/frontdoorFD.cab (first direct internet banking plus digital safe)
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} https://moneymanager.egg.com/Pinsafe/accounttracking.cab (Egg Money Manager Digital Safe)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{07EB6271-F601-432E-A97D-49E29996489E}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL) - C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll (Sophos Plc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/25 22:06:06 | 000,000,109 | ---- | M] () - C:\AUTOEXEC.001 -- [ NTFS ]
O32 - AutoRun File - [2005/02/10 14:05:08 | 000,000,131 | ---- | M] () - C:\AUTOEXEC.002 -- [ NTFS ]
O32 - AutoRun File - [2004/02/07 17:50:04 | 000,000,057 | ---- | M] () - C:\AUTOEXEC.ADK -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 16:01:00 | 000,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2008/03/26 09:46:00 | 000,000,090 | ---- | M] () - J:\AUTORUN.INF -- [ FAT ]
O33 - MountPoints2\{b1bfd1a0-db9d-11de-8512-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b1bfd1a0-db9d-11de-8512-806e6f6e6963}\Shell\AutoRun\command - "" = E:\SmartAccess\bcont.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/09/18 19:33:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/09/18 15:47:47 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2013/09/18 15:47:46 | 000,000,000 | ---D | C] -- C:\Users\Del\AppData\Roaming\Mozilla
[2013/09/18 15:47:45 | 000,000,000 | ---D | C] -- C:\Users\Del\AppData\Roaming\SpeedAnalysis3
[2013/09/18 15:47:41 | 000,000,000 | ---D | C] -- C:\Users\Del\AppData\Roaming\File Scout
[2013/09/18 15:47:41 | 000,000,000 | ---D | C] -- C:\Users\Del\AppData\Roaming\7go
[2013/09/18 15:43:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrowserSafeguard
[2013/09/18 15:43:05 | 000,000,000 | ---D | C] -- C:\Program Files\Browsersafeguard
[2013/09/18 15:42:16 | 000,000,000 | ---D | C] -- C:\ProgramData\BitGuard
[2013/09/18 15:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/09/18 15:41:42 | 000,000,000 | ---D | C] -- C:\ProgramData\DSearchLink
[2013/09/17 20:13:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/09/17 20:13:39 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/09/13 19:21:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/09/12 11:32:04 | 000,000,000 | -HSD | C] -- C:\Config.Msi

========== Files - Modified Within 30 Days ==========

[2013/09/18 21:54:45 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/18 21:54:42 | 000,000,490 | ---- | M] () -- C:\Windows\ODBC.INI
[2013/09/18 21:54:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/18 21:54:15 | 2407,403,520 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/18 19:33:58 | 000,001,991 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013/09/18 19:30:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/18 19:25:02 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/18 19:25:02 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/18 15:42:53 | 000,000,072 | ---- | M] () -- C:\Windows\wininit.ini
[2013/09/18 15:27:13 | 000,061,440 | ---- | M] ( ) -- C:\Users\Del\Desktop\VEW.exe
[2013/09/17 20:13:54 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/09/17 20:09:39 | 000,000,166 | ---- | M] () -- C:\Users\Del\Desktop\RegistryFix.reg
[2013/09/17 17:14:11 | 000,000,168 | ---- | M] () -- C:\Users\Del\Documents\RegistryFix.reg
[2013/09/14 14:28:09 | 000,000,971 | ---- | M] () -- C:\Users\Del\Desktop\SpeedFan.lnk
[2013/09/14 14:28:08 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo
[2013/08/27 20:48:14 | 000,911,723 | ---- | M] () -- C:\Users\Del\Desktop\form1 002.jpg
[2013/08/27 20:45:46 | 000,821,898 | ---- | M] () -- C:\Users\Del\Desktop\form2 001.jpg

========== Files Created - No Company Name ==========

[2013/09/18 19:33:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013/09/18 19:33:58 | 000,001,991 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013/09/18 15:42:53 | 000,000,072 | ---- | C] () -- C:\Windows\wininit.ini
[2013/09/18 15:27:12 | 000,061,440 | ---- | C] ( ) -- C:\Users\Del\Desktop\VEW.exe
[2013/09/17 20:13:54 | 000,000,971 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/09/17 20:09:39 | 000,000,166 | ---- | C] () -- C:\Users\Del\Desktop\RegistryFix.reg
[2013/09/17 17:14:11 | 000,000,168 | ---- | C] () -- C:\Users\Del\Documents\RegistryFix.reg
[2013/08/27 20:48:14 | 000,911,723 | ---- | C] () -- C:\Users\Del\Desktop\form1 002.jpg
[2013/08/27 20:45:46 | 000,821,898 | ---- | C] () -- C:\Users\Del\Desktop\form2 001.jpg
[2012/11/25 16:19:48 | 095,023,320 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012/09/08 17:17:20 | 000,014,160 | ---- | C] () -- C:\Windows\System32\drivers\asdws.sys
[2009/12/02 13:37:59 | 000,007,606 | ---- | C] () -- C:\Users\Del\AppData\Local\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2013/06/29 13:56:52 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$9c0c89676f848c827691b37f700443a0\L
[2013/06/29 13:56:52 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$9c0c89676f848c827691b37f700443a0\U
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/04/29 15:01:01 | 000,000,000 | ---D | M] -- C:\Users\Del\AppData\Roaming\.minecraft
[2013/09/18 15:47:46 | 000,000,000 | ---D | M] -- C:\Users\Del\AppData\Roaming\7go
[2012/09/08 17:17:26 | 000,000,000 | ---D | M] -- C:\Users\Del\AppData\Roaming\Anvisoft
[2012/12/04 11:52:44 | 000,000,000 | ---D | M] -- C:\Users\Del\AppData\Roaming\Babylon
[2012/05/03 19:49:03 | 000,000,000 | ---D | M] -- C:\Users\Del\AppData\Roaming\com.pocruises.LiveShipTracker.A0C66AABAFAD54D5C6C22F9F89EA0FC11C49AF59.1
[2013/09/18 15:47:41 | 000,000,000 | ---D | M] -- C:\Users\Del\AppData\Roaming\File Scout
[2011/08/17 20:07:53 | 000,000,000 | ---D | M] -- C:\Users\Del\AppData\Roaming\FreshDiagnose
[2011/03/02 20:15:46 | 000,000,000 | ---D | M] -- C:\Users\Del\AppData\Roaming\GARMIN
[2012/12/02 21:40:37 | 000,000,000 | ---D | M] -- C:\Users\Del\AppData\Roaming\KC Softwares
[2013/09/18 15:47:46 | 000,000,000 | ---D | M] -- C:\Users\Del\AppData\Roaming\SpeedAnalysis3

========== Purity Check ==========

< End of report >