Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Seriously Messed up PC [Closed]

Started by LittleMissaSisyphus , Aug 04 2012 01:00 AM

  • This topic is locked This topic is locked

#1
LittleMissaSisyphus
Posted 04 August 2012 - 01:00 AM

LittleMissaSisyphus

    New Member

  • Member
  • Pip
  • 6 posts
This is a friend's computer.
It can barely access the internet and type this message. any help is welcome.
G2G won't allow me to post log in this message. Files are attachments
I can't run malwarebytes or pandascan.

Attached Files


  • 0

Advertisements

#2
Essexboy
Posted 05 August 2012 - 09:45 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there this is the main problem Drive C: | 137.11 Gb Total Space | 3.79 Gb Free Space | 2.77% Space Free | Partition Type: NTFS

Windows needs at least 10% free space to function correctly. The D drive is almost empty so it woul be worth transfering some data (Photo's, Music etc) to there
Also there is a plethora of toolbars which need to be whittled down to just the ones you want..

I will make a start on that

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image

    :OTL
    O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
    O2 - BHO: (SearchElf 1.1 Toolbar) - {00f2c0c6-2194-484e-9064-44e57787867b} - C:\Program Files (x86)\SearchElf_1.1\tbSear.dll (Conduit Ltd.)
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (no name) - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\Program Files (x86)\SiteRanker\SiteRank.dll (Crawler, LLC)
    O2 - BHO: (Fast Browser Search Toolbar Helper) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Fast Browser Search\IE\FBStoolbar.dll File not found
    O2 - BHO: (PageRage Toolbar) - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files (x86)\PageRage\prxtbPage.dll (Conduit Ltd.)
    O2 - BHO: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
    O2 - BHO: (GretechBHO Class) - {F0181C6E-9218-4792-9F3C-E8DF52B2F1AC} - C:\Program Files (x86)\GRETECH\GomPicker\GomPickerBHO.dll (Gretech Corporation)
    O2 - BHO: (Fast Browser Search Toolbar Helper) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Fast Browser Search\IE\FBStoolbar.dll File not found
    O3 - HKLM\..\Toolbar: (SearchElf 1.1 Toolbar) - {00f2c0c6-2194-484e-9064-44e57787867b} - C:\Program Files (x86)\SearchElf_1.1\tbSear.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\Fast Browser Search\IE\FBStoolbar.dll File not found
    O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (PageRage Toolbar) - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files (x86)\PageRage\prxtbPage.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
    O3 - HKCU\..\Toolbar\WebBrowser: (SearchElf 1.1 Toolbar) - {00F2C0C6-2194-484E-9064-44E57787867B} - C:\Program Files (x86)\SearchElf_1.1\tbSear.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\Fast Browser Search\IE\FBStoolbar.dll File not found
    O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (PageRage Toolbar) - {9565115D-C7D6-46D3-BD63-B67B481A4368} - C:\Program Files (x86)\PageRage\prxtbPage.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
    O4 - HKLM..\Run: [SiteRanker] C:\Program Files (x86)\SiteRanker\SiteRankTray.exe (Crawler, LLC)
    O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] C:\Windows\is-L7I2F.exe ()
    [2012/03/31 01:42:16 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Roaming\OpenCandy
    [2010/11/22 20:21:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
    [2010/11/22 20:21:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConduitEngine
    [2010/11/22 20:21:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchElf_1.1
    [2010/09/11 11:03:41 | 000,000,000 | -HSD | C] -- C:\ProgramData\MSKWS
    [2010/09/11 11:03:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\10a8c90

    :Files
    ipconfig /flushdns /c
    C:\Program Files (x86)\SiteRanker
    C:\Program Files (x86)\Fast Browser Search
    C:\Program Files (x86)\GRETECH
    C:\Program Files (x86)\PageRage

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#3
LittleMissaSisyphus
Posted 05 August 2012 - 06:38 PM

LittleMissaSisyphus

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
This is the message displayed on reboot.

Files\Folders moved on Reboot...
File\Folder C:\Windows\System32\drivers\etc\Hosts not found!

Registry entries deleted on Reboot...


OTL logfile created on: 8/5/2012 7:30:32 PM - Run 2
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\joey\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19272)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.11 Gb Available Physical Memory | 56.34% Memory free
7.68 Gb Paging File | 5.93 Gb Available in Paging File | 77.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 137.11 Gb Total Space | 4.65 Gb Free Space | 3.39% Space Free | Partition Type: NTFS
Drive D: | 140.98 Gb Total Space | 140.70 Gb Free Space | 99.81% Space Free | Partition Type: NTFS
Drive F: | 702.31 Mb Total Space | 612.42 Mb Free Space | 87.20% Space Free | Partition Type: UDF

Computer Name: RENT1ST-PC | User Name: joey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/03/06 19:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/12/12 22:11:39 | 000,357,800 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
PRC - [2011/12/09 12:22:26 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2010/05/31 08:22:36 | 000,568,312 | ---- | M] (Oberon Media ) -- C:\Program Files (x86)\GamesBar\SearchEngineProtection.exe
PRC - [2010/04/02 11:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010/03/31 22:34:36 | 000,243,000 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Search Protection\YspService.exe
PRC - [2010/03/02 20:52:00 | 000,140,640 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2010/03/01 20:35:46 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX3000.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/09/04 02:44:18 | 000,144,672 | ---- | M] () -- C:\Program Files (x86)\Nova Development\Photo Explosion\4.0\ReminderApp.exe
PRC - [2009/07/08 02:53:36 | 000,472,112 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
PRC - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2009/03/06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\SysWOW64\atashost.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/01 12:45:11 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\joey\Desktop\OTL.exe
PRC - [2008/01/25 20:49:04 | 000,269,448 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/05 04:18:20 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\b6d83a652c94b32fc8f99a6df0acd7f4\System.Transactions.ni.dll
MOD - [2012/08/05 04:18:19 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4b5eaa70d2900b98ccf6fd9915f34d69\System.EnterpriseServices.ni.dll
MOD - [2012/08/05 04:18:14 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012/08/05 04:10:11 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/08/05 04:09:57 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012/08/05 04:09:49 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012/08/05 04:09:37 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\bfdd10e0a0aacf46bac557ffc5d55ba5\System.Data.ni.dll
MOD - [2012/08/05 04:09:29 | 000,224,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d81872939252c65b6f1127f331b84de0\PresentationFramework.Classic.ni.dll
MOD - [2012/08/05 04:09:27 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7343fbab1ba137db2f8b284047ef3f3c\PresentationFramework.ni.dll
MOD - [2012/08/05 04:09:13 | 012,219,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b6293b0c23321c255c2530aea8e32bb\PresentationCore.ni.dll
MOD - [2012/08/05 04:09:02 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\54426ee1881b42af5b090e223f43823c\WindowsBase.ni.dll
MOD - [2012/08/05 04:08:59 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/08/05 04:08:53 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012/07/31 00:36:14 | 000,442,392 | ---- | M] () -- C:\Users\joey\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppgooglenaclpluginchrome.dll
MOD - [2012/07/31 00:36:12 | 003,997,720 | ---- | M] () -- C:\Users\joey\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll
MOD - [2012/07/31 00:34:45 | 000,144,424 | ---- | M] () -- C:\Users\joey\AppData\Local\Google\Chrome\Application\21.0.1180.60\avutil-51.dll
MOD - [2012/07/31 00:34:43 | 000,266,792 | ---- | M] () -- C:\Users\joey\AppData\Local\Google\Chrome\Application\21.0.1180.60\avformat-54.dll
MOD - [2012/07/31 00:34:42 | 002,480,680 | ---- | M] () -- C:\Users\joey\AppData\Local\Google\Chrome\Application\21.0.1180.60\avcodec-54.dll
MOD - [2012/01/11 01:40:08 | 009,843,600 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll
MOD - [2011/12/12 22:11:39 | 000,357,800 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
MOD - [2010/11/11 04:24:31 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll
MOD - [2010/07/13 08:07:23 | 007,826,432 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll
MOD - [2010/07/05 04:19:39 | 000,116,736 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
MOD - [2010/06/23 20:16:19 | 002,150,400 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll
MOD - [2010/06/02 00:05:40 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll
MOD - [2010/06/01 21:56:04 | 000,232,960 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll
MOD - [2010/06/01 21:54:24 | 002,530,816 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll
MOD - [2010/06/01 21:29:22 | 000,934,912 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll
MOD - [2010/06/01 21:28:00 | 000,335,360 | ---- | M] () -- C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll
MOD - [2009/09/04 02:44:22 | 000,152,864 | ---- | M] () -- C:\Program Files (x86)\Nova Development\Photo Explosion\4.0\en-US\ReminderApp.resources.dll
MOD - [2009/09/04 02:44:18 | 000,144,672 | ---- | M] () -- C:\Program Files (x86)\Nova Development\Photo Explosion\4.0\ReminderApp.exe
MOD - [2009/09/04 02:44:18 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Nova Development\Photo Explosion\4.0\AddressBookCore.dll
MOD - [2009/03/29 23:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/03/29 23:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008/04/28 11:49:18 | 000,002,560 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/03/01 20:35:38 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2008/04/25 15:30:26 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/01/29 14:25:30 | 000,920,064 | ---- | M] () [Auto | Running] -- C:\Program Files\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV:64bit: - [2008/01/29 14:24:52 | 000,193,024 | ---- | M] () [Auto | Running] -- C:\Program Files\bin32\nSvcIp.exe -- (nSvcIp)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/12/10 22:11:00 | 000,015,872 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio)
SRV - [2012/08/04 02:48:50 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/04/05 14:55:01 | 000,116,104 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\atashost.exe -- (atashost)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/25 20:49:04 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/06 19:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/03/06 19:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/03/06 19:02:05 | 000,043,864 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2012/03/06 19:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/03/06 19:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/03/06 19:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/02/29 08:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2010/03/01 20:35:46 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VX3000.sys -- (VX3000)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/08/13 15:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/07/07 14:48:44 | 000,035,376 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\purendis.sys -- (purendis)
DRV:64bit: - [2009/07/07 14:48:44 | 000,033,328 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\pnarp.sys -- (pnarp)
DRV:64bit: - [2009/06/30 10:37:16 | 000,033,800 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)
DRV:64bit: - [2008/04/21 19:49:00 | 000,054,816 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2008/01/30 19:48:32 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2008/01/30 19:48:16 | 000,016,384 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2008/04/25 15:23:40 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\..\URLSearchHook: {00f2c0c6-2194-484e-9064-44e57787867b} - No CLSID value found
IE - HKLM\..\URLSearchHook: {9565115d-c7d6-46d3-bd63-b67b481a4368} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{0E17083A-4F6C-47E6-87B4-433D0D7A0756}: "URL" = http://www.mirarsear...Terms}&a=SEARCH
IE - HKLM\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo....ei=utf-8&fr=ysp
IE - HKLM\..\SearchScopes\{37FE1E70-8D59-4326-8824-4A0F35F83E3A}: "URL" = http://www.tangosear...Terms}&a=SEARCH
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2418376

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00f2c0c6-2194-484e-9064-44e57787867b} - No CLSID value found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found
IE - HKCU\..\URLSearchHook: {9565115d-c7d6-46d3-bd63-b67b481a4368} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {4AEC7E8C-EFAF-4D1F-8A96-D56E854FBF52}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://mumbojumbo.st...q={searchTerms}
IE - HKCU\..\SearchScopes\{37FE1E70-8D59-4326-8824-4A0F35F83E3A}: "URL" = http://www.tangosear...Terms}&a=SEARCH
IE - HKCU\..\SearchScopes\{4AEC7E8C-EFAF-4D1F-8A96-D56E854FBF52}: "URL" = http://www.google.co...&rlz=1I7ACAW_en
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....sa&d=2008-02-20 13:00:21&v=11.1.1.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2418376
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://us.search.yah...&fr=chr-linksys
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Program Files (x86)\Sony Online Entertainment\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@eximion.com/KalydoPlayer3.08.01: C:\Users\joey\AppData\Roaming\Kalydo\KalydoPlayer\npkalydo.dll (Eximion B.V.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\joey\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\joey\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\joey\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\SiteRanker\firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4bcdbfd0-fa26-11de-8a39-0800200c9a66}: C:\Users\joey\AppData\Roaming\Mozilla\FireFox\{4bcdbfd0-fa26-11de-8a39-0800200c9a66}

[2009/07/13 11:30:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\joey\AppData\Roaming\Mozilla\Extensions
[2009/07/13 11:30:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\joey\AppData\Roaming\Mozilla\Extensions\[email protected]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\joey\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\joey\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\joey\AppData\Local\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Free Realms Installer (Enabled) = C:\Program Files (x86)\Sony Online Entertainment\npsoe.dll
CHR - plugin: Kalydo Player Plugin for Mozilla (Enabled) = C:\Users\joey\AppData\Roaming\Kalydo\KalydoPlayer\npkalydo.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

Hosts file not found
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7725.1624\swg64.dll (Google Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files (x86)\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Do Not Track Plus) - {6E45F3E8-2683-4824-A6BE-08108022FB36} - C:\Program Files (x86)\DoNoTrackPlus\ScriptHost.dll (Abine)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7725.1624\swg.dll (Google Inc.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {03B0CDE0-9CEC-41C1-9751-986F0B5E7757} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot File not found
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files (x86)\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [AddressBookReminderApp] C:\Program Files (x86)\Nova Development\Photo Explosion\4.0\ReminderApp.exe ()
O4 - HKLM..\Run: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe ()
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [nmapp] C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [Trigger New Acer AlaunchX] c:\ACER\Preload\Command\AlaunchX\AppInRun.exe (Acer Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [SearchEngineProtection] C:\Program Files (x86)\GamesBar\SearchEngineProtection.exe (Oberon Media )
O4 - HKCU..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\YspService.exe (Yahoo! Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Do Not Track Plus © Abine - {6E45F3E8-2683-4824-A6BE-08108022FB36} - C:\Program Files (x86)\DoNoTrackPlus\ScriptHost.dll (Abine)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000014 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} http://www-cdn.freer...ller.cab?v=1046 (SonyOnlineInstallerX)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.popcap.co...ploader_v10.cab (PopCapLoader Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.183.164 97.64.209.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B728833-38A4-42F4-A6E9-FFC1509155DD}: DhcpNameServer = 97.64.183.164 97.64.209.37
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\joey\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\joey\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/05 19:15:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/04 02:24:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/08/04 02:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/08/04 02:15:55 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData

========== Files - Modified Within 30 Days ==========

[2012/08/05 19:33:29 | 000,706,952 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/05 19:33:29 | 000,606,630 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/05 19:33:29 | 000,105,230 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/05 19:28:37 | 000,133,013 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/08/05 19:28:37 | 000,133,013 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/08/05 19:27:36 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/05 19:27:26 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2012/08/05 19:27:08 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\FileCure Startup.job
[2012/08/05 19:26:48 | 000,003,216 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/05 19:26:47 | 000,003,216 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/05 19:26:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/05 18:52:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3916287362-1845950415-4243255680-1001UA.job
[2012/08/05 18:49:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/05 18:48:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/05 18:00:00 | 000,000,474 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2012/08/05 02:52:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3916287362-1845950415-4243255680-1001Core.job
[2012/08/04 03:26:09 | 000,386,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/04 02:24:28 | 000,721,800 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== Files Created - No Company Name ==========

[2012/08/04 02:24:53 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/08/04 02:24:28 | 000,721,800 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/18 05:39:56 | 000,000,580 | ---- | C] () -- C:\Users\joey\AppData\Local\cookies.ini

========== LOP Check ==========

[2009/06/29 08:30:38 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\Acer
[2008/08/20 22:54:52 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\Acer GameZone Console
[2010/05/10 20:53:53 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\Big Fish Games
[2011/09/26 21:48:51 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\Canon
[2012/02/22 22:06:23 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\Elephant Games
[2010/06/26 19:21:07 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\ERS G-Studio
[2010/01/24 21:12:48 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\eSobi
[2010/05/31 18:12:09 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\Fugazo
[2010/02/25 20:55:07 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\Gaijin Ent
[2011/01/04 23:06:09 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\Kalydo
[2010/05/09 11:28:35 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\Lazy Turtle Games
[2009/06/29 08:30:36 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\Leadertech
[2008/01/09 01:05:37 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\LimeWire
[2010/05/24 16:25:28 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\Ludia
[2010/05/23 15:36:39 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\Magic3
[2012/03/10 01:32:49 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\Nova Development
[2011/01/22 21:15:35 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\Oberon Media
[2010/01/21 19:59:53 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\Playrix Entertainment
[2009/08/01 16:18:05 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\Pogo Games
[2010/01/31 23:53:51 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\PopCapv1002
[2009/08/01 19:06:54 | 000,000,000 | ---D | M] -- C:\Users\joey\AppData\Roaming\Template
[2012/08/05 19:27:08 | 000,000,410 | ---- | M] () -- C:\Windows\Tasks\FileCure Startup.job
[2012/05/04 03:56:00 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\FileCure.job
[2012/08/05 18:00:00 | 000,000,474 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job
[2010/02/07 20:53:30 | 000,000,448 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version3.job
[2012/08/05 19:25:32 | 000,032,648 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:3325D6E9
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:50DD4118
@Alternate Data Stream - 167 bytes -> C:\ProgramData\TEMP:FBEADB83
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:0B352B60
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:D20FFA63
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:A26AFC00
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:80F9BB49
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:9D6EAEC3
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:815D61C4
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:EA1919C7
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:D8D58038
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:AB82C54F
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:A02025CE
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:0F6AC518
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D3A89E47
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:6247E766
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:CF6A6C8A
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:72E6616C
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:DDCD5068
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:8944C195
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DB779A93
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:CA0CE093
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:32FFF2D1
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:9D03192E
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:07D9FF25
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:BE40C8A2
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:9B27D3A9
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:4F60ACF1
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:5E9E3A14
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:01BEC24A

< End of report >
  • 0

#4
Essexboy
Posted 06 August 2012 - 07:10 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Drive C: | 137.11 Gb Total Space | 4.65 Gb Free Space | 3.39% Space Free | Partition Type: NTFS
Drive D: | 140.98 Gb Total Space | 140.70 Gb Free Space | 99.81% Space Free | Partition Type: NTFS


Still insufficient space for any programmes to run effectively

Could you move at least 10Gb of data across, or uninstall any programmes that are no longer required

Could you now try malwarebytes please
  • 0

#5
LittleMissaSisyphus
Posted 06 August 2012 - 11:12 AM

LittleMissaSisyphus

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
I moved 65+ GB over to the other drive. I moved documents, photos, video and music. I asked them to please save there in the future.
I looked through add/remove programs and only removed McAfee scanner. They appear to have had many scanners etc. They have let several people tinker with it as they have had virus' in the past as well, which explains why I found a QooBox folder and combofix on the D: drive. In addition to several quarantine folders including one from AVG.
I ran malwarebytes, and it removed one adware program. I allowed it to reboot, and I can post a log next time I see them or perhaps see if they can post it for me. They had a friend install Microsoft security Essentials, but they already have Avast...do these two programs conflict??

I ran the fix you asked, ran malwarebytes, and windows update with reboots in between. I have updated Java and adobe. I moved a lot of files and they have over 50% free space on their operating drive and a little less than 50% on the data drive.
I told them to ask their friend if the program he downloaded can run along side avast, but other than that I figured they were running smoothly. I also downloaded Google Chrome for everyday browsing, and told them to uncheck the boxes that allow additional programs to download with other installs, and to always allow their other programs to update. I told them if I find anything else out I will let them know and try to walk them through the fixes, if any more are needed. And outside of the what I believe is two antivirus programs, I do believe that they are running much more smoothly, their internet connection seems to be pretty normal, and both chrome and IE are able to do their job. They can listen to pandora now, which was their main complaint! :)

Let me know what you think, if more action is needed, or if you would like to see the MBAM log or any other, I can get that within the next few days.
Otherwise my friends seem pretty satisfied and the PC seems much better, i was concerned it would be something much worse than an overloaded drive. The first night I looked at it, it didn't even have the memory to move the files over, as it was that overloaded. After the OTL fix it seemed to be able to keep up with the commands.

Thank you
  • 0

#6
Essexboy
Posted 06 August 2012 - 11:19 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
You are correct it is not good policy to run two antivirus programmes together as they could end up fighting like cat and dog over file analysis. :lol:

If you could post the MBAM log please

Also let me know of any other problems they are experiecing.. If all is OK I will remove my tools and tidy up
  • 0

#7
LittleMissaSisyphus
Posted 06 August 2012 - 12:01 PM

LittleMissaSisyphus

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
That is what concerned me too, it was only installed a few days ago. I will have them remove one or the other and try to get that log posted, I am not with them at the moment, and they are working. But I will get it on here ASAP. Thank you, again.
  • 0

#8
Essexboy
Posted 06 August 2012 - 12:38 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Time is not a problem :cool:
  • 0

#9
LittleMissaSisyphus
Posted 11 August 2012 - 07:31 PM

LittleMissaSisyphus

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Unfortunately someone has deleted malewarebytes and the log that was created last week when it detected and removed an item. I should have had the forethought to send it last time :-(
I have re-installed and the log (clean) is below.
They say that the computer is running wonderfully, however when I got here, avast is still in the task bar, but not in the uninstall list. (frustrating).
I seem to remember many moons ago using ad-aware to remove stubborn items like this. I resorted to using the "disable permanently" option in the right click menu from the avast icon on the taskbar. I cannot figure out how to remove it fully. What program would be best?
Are there any other logs I could send that might help if there are other random things going on?
I noticed that they have two Program files folders. One is marked as x86, but they are both on the C: drive. Why would this be?
They are happy with how the computer is running, and I am not a super geek, but it seems something fishy is going on.
They have had too many cooks in this kitchen! ;)




Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.11.04

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
joey :: RENT1ST-PC [administrator]

8/11/2012 8:12:08 PM
mbam-log-2012-08-11 (20-12-08).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 226176
Time elapsed: 3 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0

#10
LittleMissaSisyphus
Posted 11 August 2012 - 07:40 PM

LittleMissaSisyphus

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
nevermind about avast, I downloaded an uninstaller from cnet.
However, is it bad that their recycle bin is on the D: drive?? NO icon on desktop??
  • 0

#11
Essexboy
Posted 12 August 2012 - 04:10 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
The two program files folders are normal on a 64bit system.. One is for 32 bit programmes (x86) and the other for 64it

I see that you have run aswClear so that is all of Avast gone now

For the recycle bin :

Right click the desktop
Select customize
Select desktop icons and put a tick in recycle bin

You are still rather short on space on the C drive removal of a further 10Gb would not go amiss, as that will then allow you to run disc defragmenter

Let me know if you get the recycle bin back
  • 0

#12
Essexboy
Posted 16 August 2012 - 07:32 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP