Need help please
#18
Posted 14 May 2011 - 11:18 AM
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Adam Gilbert\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 79.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 16.25 Gb Free Space | 43.62% Space Free | Partition Type: NTFS
Drive D: | 34.34 Gb Total Space | 32.74 Gb Free Space | 95.33% Space Free | Partition Type: NTFS
Drive E: | 2.93 Gb Total Space | 1.60 Gb Free Space | 54.72% Space Free | Partition Type: FAT32
Computer Name: ADAM | User Name: Adam Gilbert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/05/14 16:31:39 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Adam Gilbert\My Documents\Downloads\OTL.exe
PRC - [2011/05/04 18:17:20 | 001,617,296 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files\Bandoo\Bandoo.exe
PRC - [2011/04/30 09:01:08 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/09/07 18:01:10 | 000,079,872 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2009/05/15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/08/13 18:41:26 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-gb\msnappau.exe
PRC - [2002/02/08 04:10:28 | 000,315,392 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\atiptaxx.exe
========== Modules (SafeList) ==========
MOD - [2011/05/14 16:31:39 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Adam Gilbert\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 17:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (aspnet_state)
SRV - [2011/05/04 18:17:20 | 001,617,296 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\Program Files\Bandoo\Bandoo.exe -- (Bandoo Coordinator)
SRV - [2011/05/02 16:14:04 | 002,146,496 | ---- | M] (Lavasoft Limited) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/12/29 14:52:40 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2010/09/07 18:01:10 | 000,079,872 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2009/05/15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
========== Driver Services (SafeList) ==========
DRV - [2010/07/06 18:28:45 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/06/22 19:01:50 | 000,021,248 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2009/06/10 01:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009/01/08 09:42:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/04/13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/02/22 15:33:02 | 000,114,304 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2008/02/22 15:33:02 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2008/02/22 15:33:00 | 000,087,936 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2005/09/09 19:48:21 | 000,029,184 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSHDRV52.sys -- (SSHDRV52)
DRV - [2005/05/24 15:01:16 | 000,077,040 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800obex.sys -- (w800obex)
DRV - [2005/05/24 15:00:56 | 000,079,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mgmt.sys -- (w800mgmt)
DRV - [2005/05/24 15:00:46 | 000,087,424 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdm.sys -- (w800mdm)
DRV - [2005/05/24 15:00:44 | 000,006,096 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdfl.sys -- (w800mdfl)
DRV - [2005/05/24 15:00:37 | 000,052,384 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800bus.sys -- (w800bus) Sony Ericsson W800 driver (WDM)
DRV - [2005/02/11 10:24:24 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2005/02/11 10:22:48 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005/02/11 10:21:10 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005/02/11 10:21:02 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005/02/11 10:19:20 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2004/03/08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2003/02/21 10:25:22 | 000,019,153 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2002/10/20 21:26:14 | 000,027,008 | R--- | M] (D-Link Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dlh5x.sys -- (DLH5X)
DRV - [2002/10/15 22:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
DRV - [2002/02/28 01:49:30 | 000,471,407 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTXH51.sys -- (ham50)
DRV - [2002/02/08 22:30:56 | 000,381,824 | ---- | M] (ATI Technologies Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2002/01/03 02:00:00 | 000,523,392 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sbpci.sys -- (sbpci) SB PCI Family Audio Driver (WDM)
DRV - [2001/10/12 16:47:50 | 000,288,860 | ---- | M] (Avance Logic, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Avance AC97 Audio (WDM)
DRV - [2001/08/17 15:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 12:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
DRV - [1999/12/17 01:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\PfModNT.sys -- (PfModNT)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://uk.red.client...fo/bt_side.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.staples.co.uk
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.staples.co.uk
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.staples.co.uk
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.staples.co.uk
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-516276246-239712180-3615762775-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-516276246-239712180-3615762775-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
IE - HKU\S-1-5-21-516276246-239712180-3615762775-1005\..\URLSearchHook: _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-516276246-239712180-3615762775-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-516276246-239712180-3615762775-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.co.uk/"
FF - prefs.js..extensions.enabledItems: [email protected]:5.1
FF - prefs.js..extensions.enabledItems: ConsumerInput@Compete:7565
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.0
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 09:01:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 09:01:25 | 000,000,000 | ---D | M]
[2008/11/20 19:28:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Adam Gilbert\Application Data\Mozilla\Extensions
[2011/05/13 08:27:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Adam Gilbert\Application Data\Mozilla\Firefox\Profiles\8pswk0wc.default\extensions
[2011/02/16 14:06:25 | 000,000,000 | ---D | M] ("Consumer Input") -- C:\Documents and Settings\Adam Gilbert\Application Data\Mozilla\Firefox\Profiles\8pswk0wc.default\extensions\ConsumerInput@Compete
[2011/05/07 14:45:02 | 000,000,000 | ---D | M] (Bandoo for Firefox) -- C:\Documents and Settings\Adam Gilbert\Application Data\Mozilla\Firefox\Profiles\8pswk0wc.default\extensions\[email protected]
[2010/10/28 11:33:57 | 000,001,154 | ---- | M] () -- C:\Documents and Settings\Adam Gilbert\Application Data\Mozilla\Firefox\Profiles\8pswk0wc.default\searchplugins\yahoo-search.xml
[2011/05/13 08:27:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/31 19:01:06 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/05/07 14:05:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/06 23:08:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/06 10:29:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/05/09 19:48:38 | 000,000,000 | ---D | M] (PlaySushi TextLinks) -- C:\DOCUMENTS AND SETTINGS\ADAM GILBERT\APPLICATION DATA\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\[email protected]
[2010/04/09 12:25:55 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/09/15 05:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/10/20 21:23:26 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/10/20 21:23:26 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/10/20 21:23:26 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/10/20 21:23:26 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2011/05/14 17:38:52 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Yahoo! Companion BHO) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - File not found
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (PlaySushi) - {21608B66-026F-4DCB-9244-0DACA328DCED} - File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Value error. File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (BrowserHelper Class) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - File not found
O2 - BHO: (ST) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (MSNToolBandBHO) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll (Microsoft Corporation)
O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll (Bandoo Media Inc.)
O3 - HKLM\..\Toolbar: (MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - File not found
O3 - HKU\S-1-5-21-516276246-239712180-3615762775-1005\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - File not found
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited)
O4 - HKLM..\Run: [AtiPTA] File not found
O4 - HKLM..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CTNotify.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [msnappau] C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-gb\msnappau.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-516276246-239712180-3615762775-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Go PlaySushi! - {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - File not found
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} http://messenger.zon...nt.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} http://www.miniclip....pGameLoader.dll (CR64Loader Object)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} http://us.dl1.yimg.c...nst20040510.cab (YInstStarter Class)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://codecs.micros...386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://by101fd.bay10...es/MsnPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1227029579404 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1231257881562 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.c.../cpcScanner.cab (Crucial cpcScan)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn...pdownloader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zon...ro.cab32846.cab (ZoneIntro Class)
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} http://us.dl1.yimg.c...utocomplete.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} https://signin3.valu...018/flashax.cab (FlashXControl Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - c:\Program Files\Bandoo\BndHook.dll (Discordia Limited)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - File not found
O20 - HKLM Winlogon: UIHost - (logonui.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - File not found
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - File not found
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - File not found
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - File not found
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - File not found
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - File not found
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (schannel.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/29 21:03:46 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{da2439fe-5303-11df-bd50-000f3df3e821}\Shell\Shell00\Command - "" = H:\Start.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/05/14 17:38:40 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/14 15:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2011/05/14 15:47:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam Gilbert\Desktop\pictures
[2011/05/12 11:16:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/05/12 11:16:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/05/08 19:44:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/05/08 19:44:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/05/07 14:45:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam Gilbert\Application Data\Bandoo
[2011/05/07 14:45:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Bandoo
[2011/05/07 14:44:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Bandoo
[2011/05/07 14:43:54 | 000,000,000 | ---D | C] -- C:\Program Files\Bandoo
[2011/05/05 13:55:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/05/14 18:01:46 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/05/14 18:01:46 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/05/14 18:01:02 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/05/14 18:00:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/14 18:00:34 | 2147,012,608 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/14 17:59:37 | 000,000,196 | ---- | M] () -- C:\WINDOWS\System32\drivers\ALCICH.DAT
[2011/05/14 17:35:17 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Adam Gilbert\Desktop\MBR.dat
[2011/05/14 17:23:22 | 000,012,694 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/10 20:24:50 | 000,000,873 | ---- | M] () -- C:\WINDOWS\orun32.ini
[2011/05/08 19:33:47 | 805,306,368 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2011/05/07 16:54:17 | 000,023,148 | -H-- | M] () -- C:\WINDOWS\System32\Atmenuxx.GID
[2011/05/04 18:17:50 | 001,524,112 | ---- | M] () -- C:\WINDOWS\System32\bandoolmx.dll
[2011/04/22 14:30:03 | 000,016,432 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2011/04/16 07:13:43 | 000,496,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/15 21:54:24 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/05/14 17:13:49 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Adam Gilbert\Desktop\MBR.dat
[2011/05/10 20:33:46 | 2147,012,608 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/07 14:44:35 | 001,524,112 | ---- | C] () -- C:\WINDOWS\System32\bandoolmx.dll
[2011/04/22 14:33:16 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/04/22 14:33:16 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2010/06/11 22:42:09 | 000,112,264 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/10/07 15:03:08 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009/10/05 13:18:47 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/08/07 20:21:58 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009/08/07 20:21:58 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009/08/07 20:21:34 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Adam Gilbert\Application Data\$_hpcst$.hpc
[2008/11/19 18:24:37 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/11/18 19:06:03 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/03/31 16:06:10 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/10/31 15:28:37 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Adam Gilbert\Application Data\ViewerApp.dat
[2006/08/02 13:53:23 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2006/08/02 13:51:18 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2006/04/11 15:19:46 | 000,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2006/02/13 19:58:02 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\Adam Gilbert\Application Data\com.kennettnet.PodUtil.plist
[2005/12/29 14:26:06 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2005/09/09 19:48:21 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSHDRV52.sys
[2005/05/26 22:43:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/05/26 22:43:05 | 000,003,308 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2005/02/25 14:49:53 | 000,000,538 | ---- | C] () -- C:\WINDOWS\SGREP32.INI
[2004/12/10 13:32:22 | 000,002,048 | ---- | C] () -- C:\Documents and Settings\Adam Gilbert\Application Data\user52.rdb
[2004/08/12 14:34:12 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2004/01/13 18:17:52 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2003/12/29 00:33:51 | 000,000,041 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2003/12/04 17:09:32 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2003/12/04 17:09:32 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2003/12/04 17:09:32 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2003/06/12 17:12:25 | 000,000,474 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2002/12/30 20:45:56 | 000,000,282 | ---- | C] () -- C:\WINDOWS\EReg072.dat
[2002/12/20 15:11:10 | 000,000,092 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2002/12/17 17:18:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2002/10/27 23:14:58 | 000,000,162 | ---- | C] () -- C:\WINDOWS\CTRec.INI
[2002/10/26 14:03:47 | 000,016,896 | ---- | C] () -- C:\WINDOWS\GpUnInst.exe
[2002/10/26 14:01:25 | 000,024,576 | ---- | C] () -- C:\WINDOWS\dphoun.exe
[2002/10/26 14:00:26 | 000,140,800 | ---- | C] () -- C:\WINDOWS\serifun.exe
[2002/10/25 18:41:15 | 000,000,063 | ---- | C] () -- C:\WINDOWS\GSPCV.INI
[2002/10/25 18:39:29 | 000,000,147 | ---- | C] () -- C:\WINDOWS\TravManG.INI
[2002/09/16 19:04:44 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2002/09/16 19:03:03 | 000,000,104 | ---- | C] () -- C:\WINDOWS\CTWave32.ini
[2002/09/14 20:35:56 | 000,000,196 | ---- | C] () -- C:\WINDOWS\System32\drivers\ALCICH.DAT
[2002/09/13 12:09:01 | 000,000,069 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2002/09/11 21:48:57 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2002/09/11 21:29:07 | 000,000,128 | ---- | C] () -- C:\WINDOWS\msje8tp.dat
[2002/09/11 20:19:00 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\Adam Gilbert\Application Data\sversion.ini
[2002/09/10 08:44:52 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\SGWebBrowser.dll
[2002/09/10 08:44:30 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\SGCtrlEx.dll
[2002/09/10 08:44:04 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\SageFolderBrowser.dll
[2002/09/10 08:43:54 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\SGTBAR32.DLL
[2002/09/10 08:43:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\SGSTAT32.DLL
[2002/09/10 08:43:32 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\SGLOGO32.DLL
[2002/09/10 08:43:28 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\SGJPEG32.dll
[2002/09/10 08:43:04 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\SGCDLG32.DLL
[2002/09/10 08:42:24 | 000,270,336 | ---- | C] () -- C:\WINDOWS\System32\SGLIST32.DLL
[2002/09/10 08:41:52 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\SGTOOL32.DLL
[2002/09/10 08:41:34 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\SGINTL32.DLL
[2002/09/10 08:41:30 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\SGDT32.DLL
[2002/09/10 08:41:26 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\SGHELP32.DLL
[2002/09/10 08:41:16 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\SGAPPBAR.DLL
[2002/09/10 08:41:08 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\SG3D32.DLL
[2002/09/10 08:41:02 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\SGCOM32.DLL
[2002/09/06 18:10:54 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\REPDES32.EXE
[2002/09/06 18:10:44 | 000,229,376 | ---- | C] () -- C:\WINDOWS\System32\SGLCH32.DLL
[2002/09/06 18:00:46 | 001,552,384 | ---- | C] () -- C:\WINDOWS\System32\SGREP32.DLL
[2002/07/07 17:13:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[2002/07/07 16:59:39 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2002/06/30 09:49:22 | 000,105,292 | ---- | C] () -- C:\WINDOWS\restart.exe
[2002/05/20 18:47:07 | 000,036,864 | ---- | C] () -- C:\WINDOWS\uinst001.exe
[2002/05/20 11:42:21 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/05/20 03:12:51 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2002/05/20 02:52:59 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2002/05/20 02:46:21 | 000,000,873 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/05/20 02:44:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2002/05/20 02:38:19 | 000,022,736 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/05/19 19:32:32 | 000,004,315 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/05/19 19:31:34 | 000,496,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/05/19 17:25:13 | 000,001,384 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2002/05/19 17:24:37 | 000,338,658 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/05/19 17:24:37 | 000,052,216 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/05/19 17:24:32 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/04/16 12:27:54 | 000,000,005 | -HS- | C] () -- C:\WINDOWS\System32\CdI5T.drv
[2001/09/04 12:12:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/09/04 12:10:20 | 000,004,518 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/18 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/18 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/18 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/18 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/18 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/18 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2000/05/08 05:20:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\trayhook.dll
[2000/05/08 05:20:00 | 000,020,480 | ---- | C] () -- C:\WINDOWS\sointgr.exe
[1999/10/25 11:53:58 | 000,000,008 | ---- | C] () -- C:\WINDOWS\SAGE.INI
[1999/01/22 19:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/03/26 02:12:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\SgHmZLib.dll
[1998/01/12 09:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL
========== LOP Check ==========
[2005/06/23 21:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\agukuk2005
[2010/06/30 14:36:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Amazon
[2011/05/07 14:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Bandoo
[2009/01/04 17:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\bang
[2010/03/28 14:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Facebook
[2010/12/03 15:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\HTC
[2002/05/20 03:03:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\InterTrust
[2002/07/07 17:59:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\InterVideo
[2005/10/03 13:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Leadertech
[2009/06/03 15:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Nokia
[2010/07/15 12:36:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\RegistryTool
[2010/05/31 18:54:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Samsung
[2002/09/11 21:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Steinberg
[2010/03/18 00:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\yoclient
[2011/05/07 14:48:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bandoo
[2008/11/22 19:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS
[2008/11/22 19:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microgaming
[2004/08/11 17:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS
[2011/05/05 13:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2010/07/15 12:15:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{65893B95-F47B-4483-B883-86BA181E9B54}
[2009/11/05 11:30:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/07/28 20:36:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2002/05/20 03:03:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\InterTrust
[2002/07/07 17:59:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\InterVideo
[2002/05/20 03:03:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterTrust
[2002/07/07 17:59:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterVideo
[2002/05/20 03:03:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\InterTrust
[2002/07/07 17:59:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\InterVideo
[2004/09/16 19:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Ubisoft
[2011/05/14 18:01:02 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\vga.dll:SummaryInformation
< End of report >
#19
Posted 14 May 2011 - 11:23 AM
Please download Malwarebytes' Anti-Malware from Here.
Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish, so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy and paste the entire report in your next reply.
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
#20
Posted 14 May 2011 - 12:01 PM
#21
Posted 14 May 2011 - 12:03 PM
#22
Posted 14 May 2011 - 12:05 PM
Attached Files
#23
Posted 14 May 2011 - 12:07 PM
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
[2010/05/07 14:05:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/06 23:08:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
:Files
ipconfig /flushdns /c
:Commands
[purity]
[resethosts]
[emptytemp]
[EMPTYFLASH]
[CREATERESTOREPOINT]
[Reboot]
- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
#24
Posted 14 May 2011 - 12:22 PM
All processes killed
========== OTL ==========
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 removed from extensions.enabledItems
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
C:\Documents and Settings\Adam Gilbert\My Documents\Downloads\cmd.bat deleted successfully.
C:\Documents and Settings\Adam Gilbert\My Documents\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: Adam Gilbert
->Temp folder emptied: 26022772 bytes
->Temporary Internet Files folder emptied: 69629 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 45082308 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 434 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Guest
->Temporary Internet Files folder emptied: 111637834 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 79490905 bytes
->Flash cache emptied: 3009 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 473063441 bytes
->Flash cache emptied: 18688 bytes
User: Owner
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49286 bytes
User: user
->Temp folder emptied: 167476 bytes
->Temporary Internet Files folder emptied: 49286 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1138618 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 43853502 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 448875 bytes
RecycleBin emptied: 4200 bytes
Total Files Cleaned = 745.00 mb
[EMPTYFLASH]
User: Adam Gilbert
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: Guest
User: LocalService
->Flash cache emptied: 0 bytes
User: NetworkService
->Flash cache emptied: 0 bytes
User: Owner
User: user
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.22.3 log created on 05142011_191108
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\CitrixLogs\GoToAssist\570\G2AProcessFactory_0.log scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\CitrixLogs\GoToAssist\570\G2AProcessFactory_0_last.log not found!
Registry entries deleted on Reboot...
#25
Posted 14 May 2011 - 12:29 PM
OTL logfile created on: 14/05/2011 19:23:44 - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Adam Gilbert\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 80.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 18.47 Gb Free Space | 49.58% Space Free | Partition Type: NTFS
Drive D: | 34.34 Gb Total Space | 32.74 Gb Free Space | 95.33% Space Free | Partition Type: NTFS
Drive E: | 2.93 Gb Total Space | 1.60 Gb Free Space | 54.72% Space Free | Partition Type: FAT32
Computer Name: ADAM | User Name: Adam Gilbert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/05/14 19:09:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Adam Gilbert\My Documents\Downloads\OTL.exe
PRC - [2011/05/04 18:17:20 | 001,617,296 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files\Bandoo\Bandoo.exe
PRC - [2011/04/30 09:01:08 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/09/07 18:01:10 | 000,079,872 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2009/05/15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/04/14 01:12:33 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\savedump.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/08/13 18:41:26 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-gb\msnappau.exe
PRC - [2002/02/08 04:10:28 | 000,315,392 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\atiptaxx.exe
========== Modules (SafeList) ==========
MOD - [2011/05/14 19:09:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Adam Gilbert\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 17:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (aspnet_state)
SRV - [2011/05/04 18:17:20 | 001,617,296 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\Program Files\Bandoo\Bandoo.exe -- (Bandoo Coordinator)
SRV - [2010/12/29 14:52:40 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2010/09/07 18:01:10 | 000,079,872 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2009/05/15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
========== Driver Services (SafeList) ==========
DRV - [2010/07/06 18:28:45 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/06/22 19:01:50 | 000,021,248 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2009/06/10 01:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009/01/08 09:42:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/04/13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/02/22 15:33:02 | 000,114,304 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2008/02/22 15:33:02 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2008/02/22 15:33:00 | 000,087,936 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2005/09/09 19:48:21 | 000,029,184 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSHDRV52.sys -- (SSHDRV52)
DRV - [2005/05/24 15:01:16 | 000,077,040 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800obex.sys -- (w800obex)
DRV - [2005/05/24 15:00:56 | 000,079,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mgmt.sys -- (w800mgmt)
DRV - [2005/05/24 15:00:46 | 000,087,424 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdm.sys -- (w800mdm)
DRV - [2005/05/24 15:00:44 | 000,006,096 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdfl.sys -- (w800mdfl)
DRV - [2005/05/24 15:00:37 | 000,052,384 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800bus.sys -- (w800bus) Sony Ericsson W800 driver (WDM)
DRV - [2005/02/11 10:24:24 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2005/02/11 10:22:48 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005/02/11 10:21:10 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005/02/11 10:21:02 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005/02/11 10:19:20 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2004/03/08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2003/02/21 10:25:22 | 000,019,153 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2002/10/20 21:26:14 | 000,027,008 | R--- | M] (D-Link Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dlh5x.sys -- (DLH5X)
DRV - [2002/10/15 22:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
DRV - [2002/02/28 01:49:30 | 000,471,407 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTXH51.sys -- (ham50)
DRV - [2002/02/08 22:30:56 | 000,381,824 | ---- | M] (ATI Technologies Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2002/01/03 02:00:00 | 000,523,392 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sbpci.sys -- (sbpci) SB PCI Family Audio Driver (WDM)
DRV - [2001/10/12 16:47:50 | 000,288,860 | ---- | M] (Avance Logic, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Avance AC97 Audio (WDM)
DRV - [2001/08/17 15:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 12:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
DRV - [1999/12/17 01:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\PfModNT.sys -- (PfModNT)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://uk.red.client...fo/bt_side.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
IE - HKCU\..\URLSearchHook: _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.co.uk/"
FF - prefs.js..extensions.enabledItems: [email protected]:5.1
FF - prefs.js..extensions.enabledItems: ConsumerInput@Compete:7565
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 09:01:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 09:01:25 | 000,000,000 | ---D | M]
[2008/11/20 19:28:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Adam Gilbert\Application Data\Mozilla\Extensions
[2011/05/13 08:27:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Adam Gilbert\Application Data\Mozilla\Firefox\Profiles\8pswk0wc.default\extensions
[2011/02/16 14:06:25 | 000,000,000 | ---D | M] ("Consumer Input") -- C:\Documents and Settings\Adam Gilbert\Application Data\Mozilla\Firefox\Profiles\8pswk0wc.default\extensions\ConsumerInput@Compete
[2011/05/07 14:45:02 | 000,000,000 | ---D | M] (Bandoo for Firefox) -- C:\Documents and Settings\Adam Gilbert\Application Data\Mozilla\Firefox\Profiles\8pswk0wc.default\extensions\[email protected]
[2010/10/28 11:33:57 | 000,001,154 | ---- | M] () -- C:\Documents and Settings\Adam Gilbert\Application Data\Mozilla\Firefox\Profiles\8pswk0wc.default\searchplugins\yahoo-search.xml
[2011/05/14 19:21:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/31 19:01:06 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/11/06 10:29:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/04/09 12:25:55 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/09/15 05:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/10/20 21:23:26 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/10/20 21:23:26 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/10/20 21:23:26 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/10/20 21:23:26 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2011/05/14 19:11:12 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Yahoo! Companion BHO) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - File not found
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (PlaySushi) - {21608B66-026F-4DCB-9244-0DACA328DCED} - File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Value error. File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (BrowserHelper Class) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - File not found
O2 - BHO: (ST) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (MSNToolBandBHO) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll (Microsoft Corporation)
O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll (Bandoo Media Inc.)
O3 - HKLM\..\Toolbar: (MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - File not found
O4 - HKLM..\Run: [AtiPTA] File not found
O4 - HKLM..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CTNotify.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [msnappau] C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-gb\msnappau.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Go PlaySushi! - {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - File not found
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} http://messenger.zon...nt.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} http://www.miniclip....pGameLoader.dll (CR64Loader Object)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} http://us.dl1.yimg.c...nst20040510.cab (YInstStarter Class)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://codecs.micros...386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://by101fd.bay10...es/MsnPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1227029579404 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1231257881562 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.c.../cpcScanner.cab (Crucial cpcScan)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn...pdownloader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zon...ro.cab32846.cab (ZoneIntro Class)
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} http://us.dl1.yimg.c...utocomplete.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} https://signin3.valu...018/flashax.cab (FlashXControl Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - c:\Program Files\Bandoo\BndHook.dll (Discordia Limited)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - File not found
O20 - HKLM Winlogon: UIHost - (logonui.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - File not found
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - File not found
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - File not found
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - File not found
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - File not found
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - File not found
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (schannel.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/29 21:03:46 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{da2439fe-5303-11df-bd50-000f3df3e821}\Shell\Shell00\Command - "" = H:\Start.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/05/14 18:27:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam Gilbert\Application Data\Malwarebytes
[2011/05/14 18:26:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/14 18:26:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/14 18:26:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/14 18:26:49 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/14 18:26:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/14 17:38:40 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/14 15:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2011/05/14 15:47:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam Gilbert\Desktop\pictures
[2011/05/12 11:16:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/05/12 11:16:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/05/08 19:44:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/05/08 19:44:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/05/07 14:45:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam Gilbert\Application Data\Bandoo
[2011/05/07 14:45:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Bandoo
[2011/05/07 14:44:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Bandoo
[2011/05/07 14:43:54 | 000,000,000 | ---D | C] -- C:\Program Files\Bandoo
[2011/05/05 13:55:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[1 C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/05/14 19:19:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/14 19:19:48 | 2147,012,608 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/14 19:18:54 | 000,000,196 | ---- | M] () -- C:\WINDOWS\System32\drivers\ALCICH.DAT
[2011/05/14 19:11:12 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/05/14 18:26:54 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/14 18:01:46 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/05/14 18:01:46 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/05/14 18:01:02 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/05/14 17:23:22 | 000,012,694 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/10 20:24:50 | 000,000,873 | ---- | M] () -- C:\WINDOWS\orun32.ini
[2011/05/08 19:33:47 | 805,306,368 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2011/05/07 16:54:17 | 000,023,148 | -H-- | M] () -- C:\WINDOWS\System32\Atmenuxx.GID
[2011/05/04 18:17:50 | 001,524,112 | ---- | M] () -- C:\WINDOWS\System32\bandoolmx.dll
[2011/04/16 07:13:43 | 000,496,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/15 21:54:24 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[1 C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/05/14 18:26:54 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/10 20:33:46 | 2147,012,608 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/07 14:44:35 | 001,524,112 | ---- | C] () -- C:\WINDOWS\System32\bandoolmx.dll
[2011/04/22 14:33:16 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/04/22 14:33:16 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2010/06/11 22:42:09 | 000,112,264 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/10/07 15:03:08 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009/08/07 20:21:58 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009/08/07 20:21:58 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009/08/07 20:21:34 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Adam Gilbert\Application Data\$_hpcst$.hpc
[2008/11/19 18:24:37 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/11/18 19:06:03 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/03/31 16:06:10 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/10/31 15:28:37 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Adam Gilbert\Application Data\ViewerApp.dat
[2006/08/02 13:53:23 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2006/08/02 13:51:18 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2006/04/11 15:19:46 | 000,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2006/02/13 19:58:02 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\Adam Gilbert\Application Data\com.kennettnet.PodUtil.plist
[2005/12/29 14:26:06 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2005/09/09 19:48:21 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSHDRV52.sys
[2005/05/26 22:43:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/05/26 22:43:05 | 000,003,308 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2005/02/25 14:49:53 | 000,000,538 | ---- | C] () -- C:\WINDOWS\SGREP32.INI
[2004/12/10 13:32:22 | 000,002,048 | ---- | C] () -- C:\Documents and Settings\Adam Gilbert\Application Data\user52.rdb
[2004/08/12 14:34:12 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2004/01/13 18:17:52 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2003/12/29 00:33:51 | 000,000,041 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2003/12/04 17:09:32 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2003/12/04 17:09:32 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2003/12/04 17:09:32 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2003/06/12 17:12:25 | 000,000,474 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2002/12/30 20:45:56 | 000,000,282 | ---- | C] () -- C:\WINDOWS\EReg072.dat
[2002/12/20 15:11:10 | 000,000,092 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2002/12/17 17:18:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2002/10/27 23:14:58 | 000,000,162 | ---- | C] () -- C:\WINDOWS\CTRec.INI
[2002/10/26 14:03:47 | 000,016,896 | ---- | C] () -- C:\WINDOWS\GpUnInst.exe
[2002/10/26 14:01:25 | 000,024,576 | ---- | C] () -- C:\WINDOWS\dphoun.exe
[2002/10/26 14:00:26 | 000,140,800 | ---- | C] () -- C:\WINDOWS\serifun.exe
[2002/10/25 18:41:15 | 000,000,063 | ---- | C] () -- C:\WINDOWS\GSPCV.INI
[2002/10/25 18:39:29 | 000,000,147 | ---- | C] () -- C:\WINDOWS\TravManG.INI
[2002/09/16 19:04:44 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2002/09/16 19:03:03 | 000,000,104 | ---- | C] () -- C:\WINDOWS\CTWave32.ini
[2002/09/14 20:35:56 | 000,000,196 | ---- | C] () -- C:\WINDOWS\System32\drivers\ALCICH.DAT
[2002/09/13 12:09:01 | 000,000,069 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2002/09/11 21:48:57 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2002/09/11 21:29:07 | 000,000,128 | ---- | C] () -- C:\WINDOWS\msje8tp.dat
[2002/09/11 20:19:00 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\Adam Gilbert\Application Data\sversion.ini
[2002/09/10 08:44:52 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\SGWebBrowser.dll
[2002/09/10 08:44:30 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\SGCtrlEx.dll
[2002/09/10 08:44:04 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\SageFolderBrowser.dll
[2002/09/10 08:43:54 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\SGTBAR32.DLL
[2002/09/10 08:43:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\SGSTAT32.DLL
[2002/09/10 08:43:32 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\SGLOGO32.DLL
[2002/09/10 08:43:28 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\SGJPEG32.dll
[2002/09/10 08:43:04 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\SGCDLG32.DLL
[2002/09/10 08:42:24 | 000,270,336 | ---- | C] () -- C:\WINDOWS\System32\SGLIST32.DLL
[2002/09/10 08:41:52 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\SGTOOL32.DLL
[2002/09/10 08:41:34 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\SGINTL32.DLL
[2002/09/10 08:41:30 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\SGDT32.DLL
[2002/09/10 08:41:26 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\SGHELP32.DLL
[2002/09/10 08:41:16 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\SGAPPBAR.DLL
[2002/09/10 08:41:08 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\SG3D32.DLL
[2002/09/10 08:41:02 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\SGCOM32.DLL
[2002/09/06 18:10:54 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\REPDES32.EXE
[2002/09/06 18:10:44 | 000,229,376 | ---- | C] () -- C:\WINDOWS\System32\SGLCH32.DLL
[2002/09/06 18:00:46 | 001,552,384 | ---- | C] () -- C:\WINDOWS\System32\SGREP32.DLL
[2002/07/07 17:13:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[2002/07/07 16:59:39 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2002/06/30 09:49:22 | 000,105,292 | ---- | C] () -- C:\WINDOWS\restart.exe
[2002/05/20 18:47:07 | 000,036,864 | ---- | C] () -- C:\WINDOWS\uinst001.exe
[2002/05/20 11:42:21 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/05/20 03:12:51 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2002/05/20 02:52:59 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2002/05/20 02:46:21 | 000,000,873 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/05/20 02:44:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2002/05/20 02:38:19 | 000,022,736 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/05/19 19:32:32 | 000,004,315 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/05/19 19:31:34 | 000,496,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/05/19 17:25:13 | 000,001,384 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2002/05/19 17:24:37 | 000,338,658 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/05/19 17:24:37 | 000,052,216 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/05/19 17:24:32 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/04/16 12:27:54 | 000,000,005 | -HS- | C] () -- C:\WINDOWS\System32\CdI5T.drv
[2001/09/04 12:12:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/09/04 12:10:20 | 000,004,518 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/18 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/18 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/18 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/18 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/18 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/18 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2000/05/08 05:20:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\trayhook.dll
[2000/05/08 05:20:00 | 000,020,480 | ---- | C] () -- C:\WINDOWS\sointgr.exe
[1999/10/25 11:53:58 | 000,000,008 | ---- | C] () -- C:\WINDOWS\SAGE.INI
[1999/01/22 19:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/03/26 02:12:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\SgHmZLib.dll
[1998/01/12 09:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL
========== LOP Check ==========
[2005/06/23 21:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\agukuk2005
[2010/06/30 14:36:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Amazon
[2011/05/07 14:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Bandoo
[2009/01/04 17:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\bang
[2010/03/28 14:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Facebook
[2010/12/03 15:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\HTC
[2002/05/20 03:03:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\InterTrust
[2002/07/07 17:59:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\InterVideo
[2005/10/03 13:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Leadertech
[2009/06/03 15:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Nokia
[2010/07/15 12:36:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\RegistryTool
[2010/05/31 18:54:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Samsung
[2002/09/11 21:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Steinberg
[2010/03/18 00:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\yoclient
[2011/05/07 14:48:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bandoo
[2008/11/22 19:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS
[2008/11/22 19:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microgaming
[2004/08/11 17:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS
[2011/05/05 13:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2009/11/05 11:30:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/07/28 20:36:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/14 18:01:02 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\vga.dll:SummaryInformation
< End of report >
#26
Posted 14 May 2011 - 12:34 PM
As for antivirus - I use Avast and find that it suits me, being light and unnoticeable.
#27
Posted 14 May 2011 - 12:36 PM
#28
Posted 14 May 2011 - 12:39 PM
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL
FF - prefs.js..extensions.enabledItems: ConsumerInput@Compete:7565
[2011/02/16 14:06:25 | 000,000,000 | ---D | M] ("Consumer Input") -- C:\Documents and Settings\Adam Gilbert\Application Data\Mozilla\Firefox\Profiles\8pswk0wc.default\extensions\ConsumerInput@Compete
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Value error. File not found
O2 - BHO: (BrowserHelper Class) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - File not found
:Files
ipconfig /flushdns /c
:Commands
[purity]
[resethosts]
[emptytemp]
[EMPTYFLASH]
[CREATERESTOREPOINT]
[Reboot]
- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
#29
Posted 14 May 2011 - 12:58 PM
OTL logfile created on: 14/05/2011 19:53:29 - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Adam Gilbert\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 80.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 18.47 Gb Free Space | 49.58% Space Free | Partition Type: NTFS
Drive D: | 34.34 Gb Total Space | 32.74 Gb Free Space | 95.33% Space Free | Partition Type: NTFS
Drive E: | 2.93 Gb Total Space | 1.60 Gb Free Space | 54.72% Space Free | Partition Type: FAT32
Computer Name: ADAM | User Name: Adam Gilbert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/05/14 19:09:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Adam Gilbert\Desktop\OTL.exe
PRC - [2011/05/04 18:17:20 | 001,617,296 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files\Bandoo\Bandoo.exe
PRC - [2011/04/30 09:01:08 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/09/07 18:01:10 | 000,079,872 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2009/05/15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/04/14 01:12:33 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\savedump.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/08/13 18:41:26 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-gb\msnappau.exe
PRC - [2002/02/08 04:10:28 | 000,315,392 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\atiptaxx.exe
========== Modules (SafeList) ==========
MOD - [2011/05/14 19:09:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Adam Gilbert\Desktop\OTL.exe
MOD - [2010/08/23 17:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (aspnet_state)
SRV - [2011/05/04 18:17:20 | 001,617,296 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\Program Files\Bandoo\Bandoo.exe -- (Bandoo Coordinator)
SRV - [2010/12/29 14:52:40 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2010/09/07 18:01:10 | 000,079,872 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2009/05/15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
========== Driver Services (SafeList) ==========
DRV - [2010/07/06 18:28:45 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/06/22 19:01:50 | 000,021,248 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2009/06/10 01:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009/01/08 09:42:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/04/13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/02/22 15:33:02 | 000,114,304 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2008/02/22 15:33:02 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2008/02/22 15:33:00 | 000,087,936 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2005/09/09 19:48:21 | 000,029,184 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSHDRV52.sys -- (SSHDRV52)
DRV - [2005/05/24 15:01:16 | 000,077,040 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800obex.sys -- (w800obex)
DRV - [2005/05/24 15:00:56 | 000,079,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mgmt.sys -- (w800mgmt)
DRV - [2005/05/24 15:00:46 | 000,087,424 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdm.sys -- (w800mdm)
DRV - [2005/05/24 15:00:44 | 000,006,096 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdfl.sys -- (w800mdfl)
DRV - [2005/05/24 15:00:37 | 000,052,384 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800bus.sys -- (w800bus) Sony Ericsson W800 driver (WDM)
DRV - [2005/02/11 10:24:24 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2005/02/11 10:22:48 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005/02/11 10:21:10 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005/02/11 10:21:02 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005/02/11 10:19:20 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2004/03/08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2003/02/21 10:25:22 | 000,019,153 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2002/10/20 21:26:14 | 000,027,008 | R--- | M] (D-Link Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dlh5x.sys -- (DLH5X)
DRV - [2002/10/15 22:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
DRV - [2002/02/28 01:49:30 | 000,471,407 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTXH51.sys -- (ham50)
DRV - [2002/02/08 22:30:56 | 000,381,824 | ---- | M] (ATI Technologies Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2002/01/03 02:00:00 | 000,523,392 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sbpci.sys -- (sbpci) SB PCI Family Audio Driver (WDM)
DRV - [2001/10/12 16:47:50 | 000,288,860 | ---- | M] (Avance Logic, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Avance AC97 Audio (WDM)
DRV - [2001/08/17 15:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 12:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
DRV - [1999/12/17 01:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\PfModNT.sys -- (PfModNT)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://uk.red.client...fo/bt_side.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
IE - HKCU\..\URLSearchHook: _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.co.uk/"
FF - prefs.js..extensions.enabledItems: [email protected]:5.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 09:01:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 09:01:25 | 000,000,000 | ---D | M]
[2008/11/20 19:28:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Adam Gilbert\Application Data\Mozilla\Extensions
[2011/05/14 19:52:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Adam Gilbert\Application Data\Mozilla\Firefox\Profiles\8pswk0wc.default\extensions
[2011/05/07 14:45:02 | 000,000,000 | ---D | M] (Bandoo for Firefox) -- C:\Documents and Settings\Adam Gilbert\Application Data\Mozilla\Firefox\Profiles\8pswk0wc.default\extensions\[email protected]
[2010/10/28 11:33:57 | 000,001,154 | ---- | M] () -- C:\Documents and Settings\Adam Gilbert\Application Data\Mozilla\Firefox\Profiles\8pswk0wc.default\searchplugins\yahoo-search.xml
[2011/05/14 19:21:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/31 19:01:06 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/11/06 10:29:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/04/09 12:25:55 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/09/15 05:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/10/20 21:23:26 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/10/20 21:23:26 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/10/20 21:23:26 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/10/20 21:23:26 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2011/05/14 19:43:10 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Yahoo! Companion BHO) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - File not found
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (PlaySushi) - {21608B66-026F-4DCB-9244-0DACA328DCED} - File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (ST) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (MSNToolBandBHO) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll (Microsoft Corporation)
O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll (Bandoo Media Inc.)
O3 - HKLM\..\Toolbar: (MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - File not found
O4 - HKLM..\Run: [AtiPTA] File not found
O4 - HKLM..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CTNotify.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [msnappau] C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-gb\msnappau.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Go PlaySushi! - {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - File not found
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} http://messenger.zon...nt.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} http://www.miniclip....pGameLoader.dll (CR64Loader Object)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} http://us.dl1.yimg.c...nst20040510.cab (YInstStarter Class)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://codecs.micros...386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://by101fd.bay10...es/MsnPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1227029579404 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1231257881562 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.c.../cpcScanner.cab (Crucial cpcScan)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn...pdownloader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zon...ro.cab32846.cab (ZoneIntro Class)
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} http://us.dl1.yimg.c...utocomplete.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} https://signin3.valu...018/flashax.cab (FlashXControl Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - c:\Program Files\Bandoo\BndHook.dll (Discordia Limited)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - File not found
O20 - HKLM Winlogon: UIHost - (logonui.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - File not found
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - File not found
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - File not found
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - File not found
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - File not found
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - File not found
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (schannel.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/29 21:03:46 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{da2439fe-5303-11df-bd50-000f3df3e821}\Shell\Shell00\Command - "" = H:\Start.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/05/14 19:09:57 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Adam Gilbert\Desktop\OTL.exe
[2011/05/14 18:27:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam Gilbert\Application Data\Malwarebytes
[2011/05/14 18:26:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/14 18:26:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/14 18:26:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/14 18:26:49 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/14 18:26:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/14 17:38:40 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/14 15:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2011/05/14 15:47:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam Gilbert\Desktop\pictures
[2011/05/12 11:16:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/05/12 11:16:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/05/08 19:44:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/05/08 19:44:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/05/07 14:45:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam Gilbert\Application Data\Bandoo
[2011/05/07 14:45:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Bandoo
[2011/05/07 14:44:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Bandoo
[2011/05/07 14:43:54 | 000,000,000 | ---D | C] -- C:\Program Files\Bandoo
[2011/05/05 13:55:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[1 C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/05/14 19:50:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/14 19:50:38 | 2147,012,608 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/14 19:49:40 | 000,000,196 | ---- | M] () -- C:\WINDOWS\System32\drivers\ALCICH.DAT
[2011/05/14 19:43:10 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/05/14 19:09:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Adam Gilbert\Desktop\OTL.exe
[2011/05/14 18:26:54 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/14 18:01:46 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/05/14 18:01:46 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/05/14 18:01:02 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/05/14 17:23:22 | 000,012,694 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/10 20:24:50 | 000,000,873 | ---- | M] () -- C:\WINDOWS\orun32.ini
[2011/05/08 19:33:47 | 805,306,368 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2011/05/07 16:54:17 | 000,023,148 | -H-- | M] () -- C:\WINDOWS\System32\Atmenuxx.GID
[2011/05/04 18:17:50 | 001,524,112 | ---- | M] () -- C:\WINDOWS\System32\bandoolmx.dll
[2011/04/16 07:13:43 | 000,496,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/15 21:54:24 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[1 C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/05/14 18:26:54 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/10 20:33:46 | 2147,012,608 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/07 14:44:35 | 001,524,112 | ---- | C] () -- C:\WINDOWS\System32\bandoolmx.dll
[2011/04/22 14:33:16 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/04/22 14:33:16 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2010/06/11 22:42:09 | 000,112,264 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/10/07 15:03:08 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009/08/07 20:21:58 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009/08/07 20:21:58 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009/08/07 20:21:34 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Adam Gilbert\Application Data\$_hpcst$.hpc
[2008/11/19 18:24:37 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/11/18 19:06:03 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/03/31 16:06:10 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/10/31 15:28:37 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Adam Gilbert\Application Data\ViewerApp.dat
[2006/08/02 13:53:23 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2006/08/02 13:51:18 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2006/04/11 15:19:46 | 000,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2006/02/13 19:58:02 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\Adam Gilbert\Application Data\com.kennettnet.PodUtil.plist
[2005/12/29 14:26:06 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2005/09/09 19:48:21 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSHDRV52.sys
[2005/05/26 22:43:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/05/26 22:43:05 | 000,003,308 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2005/02/25 14:49:53 | 000,000,538 | ---- | C] () -- C:\WINDOWS\SGREP32.INI
[2004/12/10 13:32:22 | 000,002,048 | ---- | C] () -- C:\Documents and Settings\Adam Gilbert\Application Data\user52.rdb
[2004/08/12 14:34:12 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2004/01/13 18:17:52 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2003/12/29 00:33:51 | 000,000,041 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2003/12/04 17:09:32 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2003/12/04 17:09:32 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2003/12/04 17:09:32 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2003/06/12 17:12:25 | 000,000,474 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2002/12/30 20:45:56 | 000,000,282 | ---- | C] () -- C:\WINDOWS\EReg072.dat
[2002/12/20 15:11:10 | 000,000,092 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2002/12/17 17:18:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2002/10/27 23:14:58 | 000,000,162 | ---- | C] () -- C:\WINDOWS\CTRec.INI
[2002/10/26 14:03:47 | 000,016,896 | ---- | C] () -- C:\WINDOWS\GpUnInst.exe
[2002/10/26 14:01:25 | 000,024,576 | ---- | C] () -- C:\WINDOWS\dphoun.exe
[2002/10/26 14:00:26 | 000,140,800 | ---- | C] () -- C:\WINDOWS\serifun.exe
[2002/10/25 18:41:15 | 000,000,063 | ---- | C] () -- C:\WINDOWS\GSPCV.INI
[2002/10/25 18:39:29 | 000,000,147 | ---- | C] () -- C:\WINDOWS\TravManG.INI
[2002/09/16 19:04:44 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Adam Gilbert\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2002/09/16 19:03:03 | 000,000,104 | ---- | C] () -- C:\WINDOWS\CTWave32.ini
[2002/09/14 20:35:56 | 000,000,196 | ---- | C] () -- C:\WINDOWS\System32\drivers\ALCICH.DAT
[2002/09/13 12:09:01 | 000,000,069 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2002/09/11 21:48:57 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2002/09/11 21:29:07 | 000,000,128 | ---- | C] () -- C:\WINDOWS\msje8tp.dat
[2002/09/11 20:19:00 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\Adam Gilbert\Application Data\sversion.ini
[2002/09/10 08:44:52 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\SGWebBrowser.dll
[2002/09/10 08:44:30 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\SGCtrlEx.dll
[2002/09/10 08:44:04 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\SageFolderBrowser.dll
[2002/09/10 08:43:54 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\SGTBAR32.DLL
[2002/09/10 08:43:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\SGSTAT32.DLL
[2002/09/10 08:43:32 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\SGLOGO32.DLL
[2002/09/10 08:43:28 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\SGJPEG32.dll
[2002/09/10 08:43:04 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\SGCDLG32.DLL
[2002/09/10 08:42:24 | 000,270,336 | ---- | C] () -- C:\WINDOWS\System32\SGLIST32.DLL
[2002/09/10 08:41:52 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\SGTOOL32.DLL
[2002/09/10 08:41:34 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\SGINTL32.DLL
[2002/09/10 08:41:30 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\SGDT32.DLL
[2002/09/10 08:41:26 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\SGHELP32.DLL
[2002/09/10 08:41:16 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\SGAPPBAR.DLL
[2002/09/10 08:41:08 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\SG3D32.DLL
[2002/09/10 08:41:02 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\SGCOM32.DLL
[2002/09/06 18:10:54 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\REPDES32.EXE
[2002/09/06 18:10:44 | 000,229,376 | ---- | C] () -- C:\WINDOWS\System32\SGLCH32.DLL
[2002/09/06 18:00:46 | 001,552,384 | ---- | C] () -- C:\WINDOWS\System32\SGREP32.DLL
[2002/07/07 17:13:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[2002/07/07 16:59:39 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2002/06/30 09:49:22 | 000,105,292 | ---- | C] () -- C:\WINDOWS\restart.exe
[2002/05/20 18:47:07 | 000,036,864 | ---- | C] () -- C:\WINDOWS\uinst001.exe
[2002/05/20 11:42:21 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/05/20 03:12:51 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2002/05/20 02:52:59 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2002/05/20 02:46:21 | 000,000,873 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/05/20 02:44:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2002/05/20 02:38:19 | 000,022,736 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/05/19 19:32:32 | 000,004,315 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/05/19 19:31:34 | 000,496,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/05/19 17:25:13 | 000,001,384 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2002/05/19 17:24:37 | 000,338,658 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/05/19 17:24:37 | 000,052,216 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/05/19 17:24:32 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/04/16 12:27:54 | 000,000,005 | -HS- | C] () -- C:\WINDOWS\System32\CdI5T.drv
[2001/09/04 12:12:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/09/04 12:10:20 | 000,004,518 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/18 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/18 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/18 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/18 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/18 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/18 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2000/05/08 05:20:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\trayhook.dll
[2000/05/08 05:20:00 | 000,020,480 | ---- | C] () -- C:\WINDOWS\sointgr.exe
[1999/10/25 11:53:58 | 000,000,008 | ---- | C] () -- C:\WINDOWS\SAGE.INI
[1999/01/22 19:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/03/26 02:12:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\SgHmZLib.dll
[1998/01/12 09:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL
========== LOP Check ==========
[2005/06/23 21:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\agukuk2005
[2010/06/30 14:36:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Amazon
[2011/05/07 14:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Bandoo
[2009/01/04 17:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\bang
[2010/03/28 14:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Facebook
[2010/12/03 15:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\HTC
[2002/05/20 03:03:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\InterTrust
[2002/07/07 17:59:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\InterVideo
[2005/10/03 13:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Leadertech
[2009/06/03 15:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Nokia
[2010/07/15 12:36:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\RegistryTool
[2010/05/31 18:54:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Samsung
[2002/09/11 21:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\Steinberg
[2010/03/18 00:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Adam Gilbert\Application Data\yoclient
[2011/05/07 14:48:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bandoo
[2008/11/22 19:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS
[2008/11/22 19:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microgaming
[2004/08/11 17:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS
[2011/05/05 13:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2009/11/05 11:30:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/07/28 20:36:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/14 18:01:02 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\vga.dll:SummaryInformation
< End of report >
#30
Posted 14 May 2011 - 01:09 PM