Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

2 issues: Catalyst Control Center & CToolbar.exe [Solved]


  • This topic is locked This topic is locked

#1
blondie53185

blondie53185

    Member

  • Member
  • PipPip
  • 83 posts
I've been working on these 2 problems for a week now and cannot figure it out myself. Catalyst Control Center indicates an update is necessary but fails because it says it cant find an internet connection. CToolbar.exe constantly comes up saying it stopped running. I cannot uninstall this awful program. Please help. Thank you!!

OTL LOG: (EXTRAS FILE WILL FOLLOW)

OTL logfile created on: 8/30/2012 7:56:26 AM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Jan\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.01 Gb Available Physical Memory | 53.67% Memory free
7.70 Gb Paging File | 5.60 Gb Available in Paging File | 72.70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.19 Gb Total Space | 189.37 Gb Free Space | 66.40% Space Free | Partition Type: NTFS
Drive D: | 12.90 Gb Total Space | 1.96 Gb Free Space | 15.16% Space Free | Partition Type: NTFS

Computer Name: JAN-PC | User Name: Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/30 07:56:15 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
PRC - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/07/23 16:37:46 | 000,793,088 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2012/07/23 16:37:46 | 000,103,936 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/11/07 15:37:20 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
PRC - [2011/11/07 15:36:13 | 000,135,608 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe
PRC - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccsvchst.exe
PRC - [2009/07/27 20:19:10 | 000,199,184 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\1.0.150\SSScheduler.exe
PRC - [2008/10/06 12:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe
PRC - [2008/09/26 05:36:40 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2008/09/25 21:42:24 | 000,189,736 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008/09/25 21:41:44 | 001,152,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/19 04:35:24 | 000,224,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d81872939252c65b6f1127f331b84de0\PresentationFramework.Classic.ni.dll
MOD - [2012/08/19 04:34:43 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7343fbab1ba137db2f8b284047ef3f3c\PresentationFramework.ni.dll
MOD - [2012/08/19 04:34:21 | 012,219,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b6293b0c23321c255c2530aea8e32bb\PresentationCore.ni.dll
MOD - [2012/08/19 04:34:03 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\54426ee1881b42af5b090e223f43823c\WindowsBase.ni.dll
MOD - [2012/08/19 04:31:41 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012/08/19 04:31:39 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4b5eaa70d2900b98ccf6fd9915f34d69\System.EnterpriseServices.ni.dll
MOD - [2012/08/19 04:31:39 | 000,280,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4b5eaa70d2900b98ccf6fd9915f34d69\System.EnterpriseServices.Wrapper.dll
MOD - [2012/08/19 04:31:37 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\b6d83a652c94b32fc8f99a6df0acd7f4\System.Transactions.ni.dll
MOD - [2012/08/19 04:31:36 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\bfdd10e0a0aacf46bac557ffc5d55ba5\System.Data.ni.dll
MOD - [2012/08/19 03:51:11 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012/08/19 03:50:58 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012/08/19 03:50:40 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012/08/19 03:50:31 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/08/19 03:50:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012/08/19 03:48:40 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/08/19 03:48:33 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2010/09/01 15:24:38 | 000,034,816 | ---- | M] () -- C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll
MOD - [2010/04/07 04:36:10 | 002,367,440 | ---- | M] () -- C:\Program Files (x86)\Crawler\Toolbar\CToolbar.exe
MOD - [2009/04/11 02:28:21 | 000,368,640 | ---- | M] () -- C:\WINDOWS\SysWOW64\msjetoledb40.dll
MOD - [2009/04/10 22:04:15 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2009/03/30 00:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/03/30 00:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008/09/30 19:56:06 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
MOD - [2008/09/30 19:52:02 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2008/09/30 19:52:00 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2008/09/30 19:51:52 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\ECLibrary.dll
MOD - [2008/09/30 19:51:52 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2008/09/30 19:51:36 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2008/09/30 19:51:36 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2008/09/30 19:51:36 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2008/09/25 21:42:26 | 000,881,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2008/06/29 19:10:18 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\richvideops.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\Hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/08/13 17:09:38 | 000,240,640 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_1b06afce\STacSV64.exe -- (STacSV)
SRV:64bit: - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_1b06afce\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/09/17 00:14:32 | 000,905,216 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/12/11 15:11:30 | 000,015,872 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio)
SRV - [2012/08/14 16:07:22 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/23 16:37:46 | 000,793,088 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/11/07 15:37:20 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2011/11/07 15:36:13 | 000,135,608 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe -- (N360)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/10/06 12:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/02/29 09:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/10/03 15:49:53 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/04/20 21:37:49 | 000,432,760 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0502020.003\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2011/03/30 23:00:09 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\N360x64\0502020.003\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2011/03/30 23:00:09 | 000,040,568 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\SRTSPX64.SYS -- (SRTSPX)
DRV:64bit: - [2011/03/14 22:31:23 | 000,912,504 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2011/01/27 02:47:10 | 000,450,680 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2011/01/27 01:07:06 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/08/13 17:09:38 | 000,487,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/04/03 06:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2008/11/21 22:05:22 | 001,253,376 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/10/03 17:17:30 | 000,184,320 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/09/17 01:01:26 | 004,709,888 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2008/07/21 06:53:04 | 000,145,496 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\jmcr.sys -- (JMCR)
DRV:64bit: - [2008/04/28 05:25:06 | 000,016,400 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2008/04/27 14:09:18 | 001,133,568 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\athrx.sys -- (athr)
DRV:64bit: - [2008/01/24 09:24:24 | 000,060,928 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\enecir.sys -- (enecir)
DRV:64bit: - [2008/01/20 22:46:57 | 003,154,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- (NETw3v64)
DRV:64bit: - [2008/01/20 22:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2007/06/18 20:13:12 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2006/10/03 21:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV - [2012/08/27 10:23:35 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120828.002\ex64.sys -- (NAVEX15)
DRV - [2012/08/27 10:23:35 | 000,125,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120828.002\eng64.sys -- (NAVENG)
DRV - [2012/08/19 16:45:41 | 000,512,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120825.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/08/10 23:12:13 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/10 23:12:13 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/08/10 20:25:13 | 001,385,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120823.005\BHDrvx64.sys -- (BHDrvx64)
DRV - [2008/09/26 05:36:34 | 000,027,632 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{934BCD49-C81A-4ED0-86DF-56EE1B6DA341}: "URL" = http://search.live.c...ms}&FORM=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{C4B887F1-E634-4BCC-8BA4-6E91B16D2814}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox...aspx?tbid=80197
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox...aspx?tbid=80197
IE - HKLM\..\URLSearchHook: {a563639d-a539-4bce-b5b8-7da5faf87d00} - C:\Program Files (x86)\IncrediMail_MediaBar\tbIncr.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbPro0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect...hromesbox-en-us
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{934BCD49-C81A-4ED0-86DF-56EE1B6DA341}: "URL" = http://search.live.c...ms}&FORM=HPNTDF
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2319576
IE - HKLM\..\SearchScopes\{C4B887F1-E634-4BCC-8BA4-6E91B16D2814}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox...tb_id&%language
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)
IE - HKCU\..\URLSearchHook: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbPro0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{86F32CB8-D408-4D56-AFC4-C442CBB0AF23}: "URL" = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
IE - HKCU\..\SearchScopes\{934BCD49-C81A-4ED0-86DF-56EE1B6DA341}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@GamingWonderland.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_34: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\Jan\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2012/08/19 00:23:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_12_1 [2012/08/28 14:56:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\GamingWonderland\bar\1.bin [2012/08/28 12:07:13 | 000,000,000 | ---D | M]

[2012/05/11 16:31:08 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - homepage: http://www.searchnu.com/406
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.searchnu.com/406
CHR - Extension: No name found = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\adhmhclafdhfabmmglbcngpddpdeijgd\
CHR - Extension: No name found = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\

O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (RivalGaming Games) - {26D675AC-D925-4bbf-A720-62C2AA4A81EB} - C:\Users\Jan\AppData\Local\RivalGaming\RivalGaming.dll (RivalGaming)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Toolbar BHO) - {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} - Reg Error: Value error. File not found
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - Reg Error: Value error. File not found
O2 - BHO: (IncrediMail MediaBar Toolbar) - {a563639d-a539-4bce-b5b8-7da5faf87d00} - C:\Program Files (x86)\IncrediMail_MediaBar\tbIncr.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Produtools Manuals 2.1 Toolbar) - {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbPro0.dll (Conduit Ltd.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3:64bit: - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (IncrediMail MediaBar Toolbar) - {a563639d-a539-4bce-b5b8-7da5faf87d00} - C:\Program Files (x86)\IncrediMail_MediaBar\tbIncr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (GamingWonderland) - {a899079d-206f-43a6-be6a-07e0fa648ea0} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Produtools Manuals 2.1 Toolbar) - {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbPro0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKCU\..\Toolbar\WebBrowser: (IncrediMail MediaBar Toolbar) - {A563639D-A539-4BCE-B5B8-7DA5FAF87D00} - C:\Program Files (x86)\IncrediMail_MediaBar\tbIncr.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (GamingWonderland) - {A899079D-206F-43A6-BE6A-07E0FA648EA0} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Produtools Manuals 2.1 Toolbar) - {B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1} - C:\Program Files (x86)\Produtools_Manuals_2.1\prxtbPro0.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TSMAgent] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [cdloader] C:\Users\Jan\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKCU..\Run: [Driver Manager] C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe (PC Drivers Headquarters)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O8:64bit: - Extra context menu item: &Search - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: Crawler Search - tbr:iemenu File not found
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} http://www.facebook....b?1265907443721 (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_34)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_34)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_34)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.4.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C7F73262-C57E-48DF-8B3C-E22B4DBAE0AF}: DhcpNameServer = 192.168.4.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\tbr - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Waterfall.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Waterfall.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\G\Shell\phone\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/30 07:56:03 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
[2012/08/30 07:29:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/08/29 12:42:41 | 000,042,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012/08/29 12:08:15 | 000,000,000 | ---D | C] -- C:\Program Files\LSI SoftModem
[2012/08/29 12:04:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/08/29 12:04:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/08/28 15:48:43 | 000,000,000 | -H-D | C] -- C:\Users\Jan\AppData\Roaming\Registry Mechanic
[2012/08/28 13:05:53 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox210.ocx
[2012/08/28 13:05:53 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox10.ocx
[2012/08/28 13:05:53 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBoxVB12.ocx
[2012/08/28 13:05:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Registry Mechanic
[2012/08/28 13:05:52 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2012/08/28 13:05:52 | 000,512,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml.dll
[2012/08/28 13:05:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2012/08/28 13:05:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools
[2012/08/28 13:05:20 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/08/28 13:05:19 | 000,000,000 | -H-D | C] -- C:\Users\Jan\AppData\Roaming\Product_RM
[2012/08/28 09:55:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2012/08/28 09:55:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2012/08/27 10:33:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/27 10:33:51 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/08/26 19:02:03 | 000,000,000 | -H-D | C] -- C:\Users\Jan\AppData\Roaming\PriceGong
[2012/08/26 19:01:40 | 000,000,000 | -H-D | C] -- C:\Users\Jan\AppData\Roaming\RebateInformer
[2012/08/26 19:01:38 | 000,000,000 | -H-D | C] -- C:\Users\Jan\AppData\Local\Produtools_Manuals_2.1
[2012/08/26 18:34:19 | 000,000,000 | -H-D | C] -- C:\Users\Jan\AppData\Roaming\Malwarebytes
[2012/08/26 18:34:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/26 18:34:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/24 20:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/08/24 17:33:32 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012/08/24 17:33:14 | 000,034,872 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\usbfilter.sys
[2012/08/24 17:33:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2012/08/24 17:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012/08/18 23:37:11 | 000,477,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\npdeployJava1.dll
[2012/08/18 23:37:11 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/08/18 23:37:11 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/08/18 23:37:11 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/08/18 23:00:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Weather Channel
[2012/08/18 20:42:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NortonPCCheckupx64
[2012/08/18 20:42:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NortonPCCheckupx64\0200110.014
[2012/08/18 20:42:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton PC Checkup
[2012/08/18 20:42:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton PC Checkup
[2012/08/18 20:28:43 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
[2012/08/18 20:01:37 | 000,000,000 | -H-D | C] -- C:\Users\Jan\AppData\Local\PC_Drivers_Headquarters
[2012/08/18 20:01:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Driver Manager
[2012/08/18 20:00:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Manager
[2012/08/18 19:59:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Manager
[2012/08/17 03:09:51 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/08/17 03:09:49 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/08/17 03:09:48 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/08/17 03:09:48 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/08/17 03:09:46 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/08/17 03:09:46 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/08/17 03:09:46 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/08/17 03:09:46 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/08/17 03:09:45 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/08/17 03:09:45 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/08/17 03:09:44 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/08/17 03:09:41 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/08/17 03:09:41 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/08/16 12:03:04 | 000,788,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/08/16 12:03:03 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localspl.dll
[2012/08/16 12:02:55 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/08/05 16:38:31 | 000,000,000 | -H-D | C] -- C:\Users\Jan\AppData\Local\Ilivid Player
[2012/08/05 16:37:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iLivid
[2012/08/05 16:36:05 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/08/05 16:33:41 | 000,000,000 | -H-D | C] -- C:\Users\Jan\AppData\Local\Conduit
[2012/08/05 16:33:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Produtools_Manuals_2.1

========== Files - Modified Within 30 Days ==========

[2012/08/30 07:59:19 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/30 07:56:15 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
[2012/08/30 07:31:40 | 000,001,877 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/08/30 07:24:15 | 000,000,298 | ---- | M] () -- C:\Windows\tasks\RMAutoUpdate.job
[2012/08/30 07:24:13 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/30 07:23:47 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/30 07:23:47 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/30 07:23:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/30 07:23:24 | 4024,262,656 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/29 17:19:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/29 12:43:43 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012/08/29 12:43:24 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/08/29 12:40:08 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/08/29 12:20:00 | 000,056,320 | -H-- | M] () -- C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/29 12:04:31 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/08/28 20:30:51 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2012/08/28 17:06:14 | 000,309,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/28 15:37:37 | 000,006,836 | -H-- | M] () -- C:\Users\Jan\AppData\Local\d3d9caps.dat
[2012/08/28 13:05:53 | 000,001,120 | -H-- | M] () -- C:\Users\Public\Desktop\PC Tools Registry Mechanic.lnk
[2012/08/28 09:55:14 | 000,000,878 | -H-- | M] () -- C:\Users\Jan\Desktop\SpywareBlaster.lnk
[2012/08/27 17:46:16 | 000,000,040 | -H-- | M] () -- C:\Users\Public\Documents\_rgpl
[2012/08/27 10:33:55 | 000,000,908 | -H-- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/24 17:26:28 | 000,002,025 | -H-- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/08/19 03:50:42 | 000,751,384 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/19 03:50:42 | 000,640,690 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/19 03:50:42 | 000,118,910 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/19 03:50:33 | 000,751,384 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/18 23:35:56 | 000,477,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\npdeployJava1.dll
[2012/08/18 23:35:56 | 000,473,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/08/18 23:35:56 | 000,157,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/08/18 23:35:56 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/08/18 23:35:56 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/08/18 20:43:02 | 000,002,125 | -H-- | M] () -- C:\Users\Public\Desktop\Norton PC Checkup.LNK
[2012/08/18 20:00:17 | 000,002,168 | -H-- | M] () -- C:\Users\Public\Desktop\Driver Manager.lnk
[2012/08/14 16:07:21 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/14 16:07:21 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/05 16:42:31 | 000,001,357 | -H-- | M] () -- C:\Users\Public\Desktop\iLivid.lnk
[2012/08/05 16:38:19 | 000,001,102 | -H-- | M] () -- C:\Users\Public\Desktop\Upgrade Facebook Chat Experience.lnk
[2012/08/05 16:38:18 | 000,000,971 | -H-- | M] () -- C:\Users\Public\Desktop\Play Games.lnk

========== Files Created - No Company Name ==========

[2012/08/30 07:30:32 | 000,001,877 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/08/30 07:30:31 | 000,002,455 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/08/29 12:43:43 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012/08/29 12:43:24 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/08/29 12:42:47 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2012/08/28 15:45:34 | 000,000,300 | ---- | C] () -- C:\Windows\tasks\RMSchedule.job
[2012/08/28 15:45:33 | 000,000,298 | ---- | C] () -- C:\Windows\tasks\RMAutoUpdate.job
[2012/08/28 13:05:53 | 000,001,120 | -H-- | C] () -- C:\Users\Public\Desktop\PC Tools Registry Mechanic.lnk
[2012/08/28 13:05:52 | 000,040,448 | ---- | C] () -- C:\Windows\SysNative\CleanMFT64.exe
[2012/08/28 09:55:13 | 000,000,878 | -H-- | C] () -- C:\Users\Jan\Desktop\SpywareBlaster.lnk
[2012/08/27 17:46:16 | 000,000,040 | -H-- | C] () -- C:\Users\Public\Documents\_rgpl
[2012/08/27 10:33:55 | 000,000,908 | -H-- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/27 10:10:54 | 4024,262,656 | -HS- | C] () -- C:\hiberfil.sys
[2012/08/18 23:12:26 | 000,751,384 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/18 20:43:02 | 000,002,125 | -H-- | C] () -- C:\Users\Public\Desktop\Norton PC Checkup.LNK
[2012/08/18 20:42:53 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NortonPCCheckupx64\0200110.014\isolate.ini
[2012/08/18 20:00:16 | 000,002,168 | -H-- | C] () -- C:\Users\Public\Desktop\Driver Manager.lnk
[2012/08/05 16:38:19 | 000,001,102 | -H-- | C] () -- C:\Users\Public\Desktop\Upgrade Facebook Chat Experience.lnk
[2012/08/05 16:38:17 | 000,000,971 | -H-- | C] () -- C:\Users\Public\Desktop\Play Games.lnk
[2012/08/05 16:35:41 | 000,001,357 | -H-- | C] () -- C:\Users\Public\Desktop\iLivid.lnk
[2012/03/24 19:33:10 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/02/07 22:56:05 | 000,001,940 | -H-- | C] () -- C:\Users\Jan\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/06/21 23:19:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/06/10 16:20:50 | 000,006,836 | -H-- | C] () -- C:\Users\Jan\AppData\Local\d3d9caps.dat
[2009/06/09 14:28:25 | 000,056,320 | -H-- | C] () -- C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 170 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >

EXTRAS LOG:

OTL Extras logfile created on: 8/30/2012 7:56:26 AM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Jan\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.01 Gb Available Physical Memory | 53.67% Memory free
7.70 Gb Paging File | 5.60 Gb Available in Paging File | 72.70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.19 Gb Total Space | 189.37 Gb Free Space | 66.40% Space Free | Partition Type: NTFS
Drive D: | 12.90 Gb Total Space | 1.96 Gb Free Space | 15.16% Space Free | Partition Type: NTFS

Computer Name: JAN-PC | User Name: Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 0A 6C CB 8E 86 5D CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13C5FF9A-E65C-4168-9790-87AAEC449467}" = rport=445 | protocol=6 | dir=out | app=system |
"{17DE8170-3B66-481A-83EF-31350EC40854}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{23AC5868-34CC-4B7E-91B5-555148279C3C}" = lport=137 | protocol=17 | dir=in | app=system |
"{4F61110D-43E4-4FE8-8E81-952CD0CE741A}" = lport=138 | protocol=17 | dir=in | app=system |
"{50492D29-B570-4AE9-AE39-E76B2933CE70}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{521ED78E-FD72-4343-9ADC-48A3F430CBB1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{73BA33B6-7051-44D4-A770-60FF514863E7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9C1D252D-35C5-4F94-BB83-E2DF786AB509}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A034283E-9DDC-4ED7-B634-D80D94A269D8}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A408A8E4-F7B2-46E6-B401-520C0E8D8FC2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A9EC12F2-4F9E-4DC1-AC4B-63C3B87E40F6}" = lport=139 | protocol=6 | dir=in | app=system |
"{B19B2F70-8890-44A4-B8F1-E50B2D9E2F87}" = rport=139 | protocol=6 | dir=out | app=system |
"{C472F617-C36F-4723-BD5C-DB1E0D9A33A0}" = lport=445 | protocol=6 | dir=in | app=system |
"{C753B5C6-EDE5-414E-9E9F-9942260FCCF9}" = rport=137 | protocol=17 | dir=out | app=system |
"{CAD285B7-CC37-46D4-BC61-B7A18AD04A0B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D89042E9-9B48-4AEE-982E-BCA8DF6D2962}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DF1FAFEA-0136-40CF-8221-00714B5B04E3}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F0549704-1A51-4308-AA2A-522DC9A2E4E8}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A4D525-C92C-4EFF-93DC-04263356B4F3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0779AD04-2A6F-46F0-984D-F078A760CF4E}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{123CD529-5241-450F-AC33-311095382105}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{1616C4F6-CA10-46E4-8DEF-F8E012A330CD}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qp.exe |
"{209AB599-F471-43C1-9526-CDABC7F8A81E}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{2D720E0B-FB17-4C8A-9F86-B55938CFA8A9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{4806060E-BF16-40C0-A75D-B3FAB28DAD29}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{4A9EDDDE-2C30-44B1-A1E4-1281EC310422}" = protocol=6 | dir=in | app=c:\program files (x86)\toolbar2\dtuser.exe |
"{53A925CE-5FBD-4261-8067-5E92A1106006}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{5C7E9D42-EDF2-44B2-A2D2-EE219F212867}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qpservice.exe |
"{5E243F32-994F-455B-AE3B-012E84E37042}" = protocol=58 | dir=out | [email protected],-28546 |
"{60A01AF5-6A6C-4195-996A-FB88B1E2CC0F}" = protocol=6 | dir=in | app=c:\program files (x86)\dogpile bundle toolbar\toolbarupdate.exe |
"{67AFB298-1FF8-4008-BD37-F65A1B8A81FE}" = protocol=6 | dir=in | app=c:\program files (x86)\dogpile bundle toolbar\troubleshooter.exe |
"{6F958951-8B3F-4BD2-8E25-85BC0336F94A}" = protocol=17 | dir=in | app=c:\program files (x86)\dogpile bundle toolbar\toolbarupdate.exe |
"{7C98CD0C-9E48-4131-AA20-B97FAA839F1A}" = protocol=17 | dir=in | app=c:\program files (x86)\dogpile bundle toolbar\troubleshooter.exe |
"{82126BB3-5BDC-44F1-A110-BF9F63D5D87A}" = protocol=1 | dir=in | [email protected],-28543 |
"{9872CBD4-D42E-4FD6-BF8A-32C850302011}" = protocol=17 | dir=in | app=c:\program files (x86)\toolbar2\dtuser.exe |
"{B472629C-B189-4552-921D-75F97900F22A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{BA42397F-E9E2-4676-A66B-CBAAC50CA2AC}" = protocol=1 | dir=out | [email protected],-28544 |
"{BF0DEC56-30C8-4E7E-9D8D-4A0990C5E50B}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{C3825B86-6DE7-488B-A926-20BF0EDA232C}" = protocol=58 | dir=in | [email protected],-28545 |
"{C4E28F43-A65B-4B75-9255-1F5F7FFA6D56}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{C60C6A75-F9CB-40C2-B07D-9ACA5CD0D236}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{C695ECBA-207E-45BB-BB99-E27D5064C60A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{D7A31045-6CF1-49D7-AF02-4F28FFA1F9ED}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E4FE11CC-8F93-4F40-ACCB-1C3959942258}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{EB0E0C5A-704C-40A9-ADEC-52AAAC2EB761}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{F6CAB84E-4E57-47CF-BE05-C9EB95456D40}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"TCP Query User{263A18D8-0A83-4CC9-B950-1BEB3340E6BA}C:\users\jan\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\jan\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{BC823C2F-1B34-4B26-921A-DDB1D7AFB84C}C:\users\jan\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\jan\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{8BF7DF72-D0E5-4E84-9DE2-D73AFB0967A8}C:\users\jan\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\jan\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{F2562E5A-109C-4BF3-B16B-A69B76FA4F4D}C:\users\jan\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\jan\appdata\roaming\mjusbsp\magicjack.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{1AA812EC-5ABB-48E2-46BB-97451CE66FC3}" = ccc-utility64
"{2F97CE84-9C33-4631-821B-85EA371EA254}" = ProtectSmart Hard Drive Protection
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9AA313B0-6ACD-6E61-6C48-D5802B114170}" = ATI Catalyst Install Manager
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2F7994F-661E-46D1-A1DF-67F2887AAA7E}" = HP MediaSmart SmartMenu
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{08E2821E-23A9-3B04-D8A2-96D9EB9330DE}" = Catalyst Control Center Core Implementation
"{0D7E1F8D-1F00-FEB9-7F3B-F51142268640}" = CCC Help Portuguese
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{10F730DC-23D3-2467-BBD5-195058CC8524}" = CCC Help Italian
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{149BBCB8-674F-48D2-969C-9D0EA88DA7D6}" = HP User Guides 0129
"{15382D89-6EF6-4D21-9484-B500F2B10E46}" = PhotoMail Maker
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{175F6A35-F639-3A35-6880-AC394C3A4DBA}" = CCC Help Spanish
"{177CD779-4EEC-43C5-8DEA-4E0EC103624B}" = Driver Manager
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18567F4D-7CFA-64D3-FCA6-2C592512A33C}" = CCC Help Dutch
"{18DB3375-0649-4EA3-959A-44F1ACD278BA}" = IncrediMail
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2411090F-8712-62C9-9B07-8E2D76C408E2}" = CCC Help Chinese Traditional
"{253F6600-AB9F-7847-7B95-39B932542C07}" = CCC Help German
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{266D0EEA-E5A6-4A08-A0EE-5391D4EA44A7}" = Catalyst Control Center - Branding
"{26A24AE4-039D-4CA4-87B4-2F83216034FF}" = Java™ 6 Update 34
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{2FB3D567-412E-3EAF-C46A-3253139FD7FF}" = CCC Help Japanese
"{30D3B7BC-5798-45D9-822D-05CA18F39E99}" = HPTCSSetup
"{31E51AAE-B5C1-25FE-958D-3F6EC193AA3C}" = CCC Help Danish
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZero Preloader
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4037A29E-BE4C-D933-73FA-A75C3E3E226C}" = CCC Help Norwegian
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{41CA7EA0-264E-5085-90B7-09ECB4BB8205}" = CCC Help Polish
"{45A136EC-88BF-4B95-99F5-C45D3930E1CC}" = HP MULTIPLE MODEM INSTALLER for VISTA
"{475A3688-033E-A6B6-45B8-6A79C2B18A1A}" = Catalyst Control Center Graphics Previews Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5215AC0C-4453-2B1D-CAE1-8D2A7CAEC2C1}" = Catalyst Control Center Localization All
"{5393484D-D0C6-309B-15BE-6209C76F4261}" = Catalyst Control Center Graphics Light
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{59BA6BC0-1B9B-947D-F30F-BED853042451}" = CCC Help English
"{5A28C0BF-FE2E-7B72-A034-DEEA8A75071D}" = CCC Help Hungarian
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5D44AEEF-E0F6-6FD3-A867-86EFE5F1F47A}" = CCC Help Thai
"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library
"{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}" = Juno Preloader
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{67581CFE-8E8D-D787-4897-1AD30189FE3E}" = Catalyst Control Center InstallProxy
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A370610-3778-44AF-9AAC-69B2FD1A3356}" = Microsoft Live Search Toolbar
"{6C3BD0EF-B05B-44B6-132D-F937218B8AC3}" = CCC Help Swedish
"{6D120DAA-3353-2F25-3347-480CA2DC2EAD}" = CCC Help Korean
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{78BC20D2-2FFF-9A79-297B-E8378C47DBF2}" = Catalyst Control Center Graphics Previews Vista
"{7B91B735-2794-8736-2D62-8AE38A0888D4}" = CCC Help Russian
"{7C124649-7523-8370-C5DB-F25D048DF052}" = CCC Help Greek
"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{83C2E3D9-CDEE-4809-B735-CA881D9A580E}" = My Sim Aquarium
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B32EE6F-0561-F89B-EE4C-B754B57388C3}" = Catalyst Control Center Graphics Full Existing
"{8F2E11F6-C890-9491-A496-2DAE655541FE}" = Catalyst Control Center Graphics Full New
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{93FE60AD-0966-5FFE-3550-A020616CF3F9}" = CCC Help Turkish
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BB54ECD8-31ED-498A-AFCB-36125523AFA9}" = ccc-core-static
"{BD71D4E2-70C1-2CEC-1314-3AACD3A0B5E4}" = CCC Help Chinese Standard
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D10DC573-8F62-CC52-1DE1-8230DD7375EE}" = CCC Help French
"{D9156960-1516-9E07-18DD-0501FCF0CF59}" = Skins
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal
"{E1A4C03E-881C-128E-921C-A9D9F940E29F}" = Catalyst Control Center InstallProxy
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{ED58D796-6978-CD24-4EBC-71F22A9D91FD}" = CCC Help Finnish
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{FDB9BA4B-5C91-781D-BFCD-5DB5C89AEF65}" = CCC Help Czech
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player 10 ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Canon MP250 series User Registration" = Canon MP250 series User Registration
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CToolbar_UNINSTALL" = Crawler Toolbar
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"GamingWonderlandbar Uninstall" = GamingWonderland Toolbar
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"iLivid" = iLivid
"IncrediMail" = IncrediMail 2.0
"IncrediMail_MediaBar Toolbar" = IncrediMail_MediaBar Toolbar
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Magentic" = Magentic
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"McAfee Security Scan" = McAfee Security Scan
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"N360" = Norton 360
"NortonPCCheckup" = Norton PC Checkup
"PhotoMail" = PhotoMail Maker
"Produtools_Manuals_2.1 Toolbar" = Produtools Manuals 2.1 Toolbar
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.1
"SpywareBlaster_is1" = SpywareBlaster 4.6
"Super GameHouse Solitaire Vol. 1" = Super GameHouse Solitaire Vol. 1
"Vivitar Experience Image Manager" = Vivitar Experience Image Manager
"WildTangent hp Master Uninstall" = HP Games
"WT081722" = Pocahontas - Princess of the Powhatan

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"magicJack" = magicJack
"RivalGaming" = RivalGaming

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/13/2012 7:30:45 PM | Computer Name = Jan-PC | Source = Application Error | ID = 1000
Description = Faulting application CToolbar.exe, version 0.0.0.0, time stamp 0x4addb9c4,
faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception
code 0xc0000005, fault offset 0x0006f52f, process id 0x1e6c, application start time
0x01cd79aba9439700.

Error - 8/13/2012 7:31:20 PM | Computer Name = Jan-PC | Source = Application Error | ID = 1000
Description = Faulting application CToolbar.exe, version 0.0.0.0, time stamp 0x4addb9c4,
faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception
code 0xc0000005, fault offset 0x0006f52f, process id 0x1f68, application start time
0x01cd79abbdee6c20.

Error - 8/13/2012 7:32:00 PM | Computer Name = Jan-PC | Source = Application Error | ID = 1000
Description = Faulting application CToolbar.exe, version 0.0.0.0, time stamp 0x4addb9c4,
faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception
code 0xc0000005, fault offset 0x0006f52f, process id 0x1b68, application start time
0x01cd79abd614fa80.

Error - 8/13/2012 7:32:33 PM | Computer Name = Jan-PC | Source = Application Error | ID = 1000
Description = Faulting application CToolbar.exe, version 0.0.0.0, time stamp 0x4addb9c4,
faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception
code 0xc0000005, fault offset 0x0006f52f, process id 0x1cc0, application start time
0x01cd79abe9c6f0b0.

Error - 8/13/2012 8:41:20 PM | Computer Name = Jan-PC | Source = Application Error | ID = 1000
Description = Faulting application CToolbar.exe, version 0.0.0.0, time stamp 0x4addb9c4,
faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception
code 0xc0000005, fault offset 0x0006f52f, process id 0x1a70, application start time
0x01cd79b585f24120.

Error - 8/13/2012 8:42:02 PM | Computer Name = Jan-PC | Source = Application Error | ID = 1000
Description = Faulting application CToolbar.exe, version 0.0.0.0, time stamp 0x4addb9c4,
faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception
code 0xc0000005, fault offset 0x0006f52f, process id 0x170c, application start time
0x01cd79b59e9a5b90.

Error - 8/13/2012 8:42:35 PM | Computer Name = Jan-PC | Source = Application Error | ID = 1000
Description = Faulting application CToolbar.exe, version 0.0.0.0, time stamp 0x4addb9c4,
faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception
code 0xc0000005, fault offset 0x0006f52f, process id 0xfd0, application start time
0x01cd79b5b2bd14f0.

Error - 8/13/2012 8:43:13 PM | Computer Name = Jan-PC | Source = Application Error | ID = 1000
Description = Faulting application CToolbar.exe, version 0.0.0.0, time stamp 0x4addb9c4,
faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception
code 0xc0000005, fault offset 0x0006f52f, process id 0x1024, application start time
0x01cd79b5c8ededd0.

Error - 8/13/2012 8:43:48 PM | Computer Name = Jan-PC | Source = Application Error | ID = 1000
Description = Faulting application CToolbar.exe, version 0.0.0.0, time stamp 0x4addb9c4,
faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception
code 0xc0000005, fault offset 0x0006f52f, process id 0x1bcc, application start time
0x01cd79b5de3acf50.

Error - 8/13/2012 8:44:30 PM | Computer Name = Jan-PC | Source = Application Error | ID = 1000
Description = Faulting application CToolbar.exe, version 0.0.0.0, time stamp 0x4addb9c4,
faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception
code 0xc0000005, fault offset 0x0006f52f, process id 0x1b94, application start time
0x01cd79b5f7198a20.

[ Media Center Events ]
Error - 2/23/2012 2:20:38 AM | Computer Name = Jan-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/20/2012 6:08:39 PM | Computer Name = Jan-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/22/2012 8:06:45 PM | Computer Name = Jan-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 8/30/2012 7:28:11 AM | Computer Name = Jan-PC | Source = PlugPlayManager | ID = 12
Description = The device 'JMB38X xD Host Controller' (PCI\VEN_197B&DEV_2384&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0428)
disappeared from the system without first being prepared for removal.

Error - 8/30/2012 7:29:52 AM | Computer Name = Jan-PC | Source = DCOM | ID = 10005
Description =

Error - 8/30/2012 7:29:52 AM | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 8/30/2012 7:29:52 AM | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/30/2012 7:35:46 AM | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 8/30/2012 7:35:46 AM | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 8/30/2012 7:35:50 AM | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 8/30/2012 7:35:50 AM | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/30/2012 7:36:16 AM | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7032
Description =

Error - 8/30/2012 7:36:55 AM | Computer Name = Jan-PC | Source = DCOM | ID = 10010
Description =


< End of report >
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there

Run this small programme first and then I will need a second look using OTL for the remnants

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that

THEN

Re-run OTL with the following parameters

[*]Select All Users
[*]Under the Custom Scan box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
qmgr.dll
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s
CREATERESTOREPOINT


[*]Then press quickscan
  • 0

#3
blondie53185

blondie53185

    Member

  • Topic Starter
  • Member
  • PipPip
  • 83 posts
Thanks for your time helping me fix this mess. I really appreciate it. I have 1 more issue - it is a Driver Updater that says it is associated with Norton Antivirus. It wont update or run. Not sure where this program came from but I thought I had it removed. Anyway, here is the log file from adwCleaner:

# AdwCleaner v1.801 - Logfile created 08/30/2012 at 10:19:54
# Updated 14/08/2012 by Xplode
# Operating system : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# User : Jan - JAN-PC
# Boot Mode : Normal
# Running from : C:\Users\Jan\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Users\Jan\AppData\Local\Conduit
Deleted on reboot : C:\Users\Jan\AppData\Local\Ilivid Player
Deleted on reboot : C:\Users\Jan\AppData\Local\Produtools_Manuals_2.1
Deleted on reboot : C:\Users\Jan\AppData\LocalLow\AskToolbar
Deleted on reboot : C:\Users\Jan\AppData\LocalLow\Conduit
Deleted on reboot : C:\Users\Jan\AppData\LocalLow\FunWebProducts
Deleted on reboot : C:\Users\Jan\AppData\LocalLow\GamingWonderland
Deleted on reboot : C:\Users\Jan\AppData\LocalLow\IncrediMail_MediaBar
Deleted on reboot : C:\Users\Jan\AppData\LocalLow\MyWebSearch
Deleted on reboot : C:\Users\Jan\AppData\LocalLow\PriceGong
Deleted on reboot : C:\Users\Jan\AppData\LocalLow\Produtools_Manuals_2.1
Deleted on reboot : C:\Users\Jan\AppData\Roaming\PriceGong
Deleted on reboot : C:\Users\Jan\AppData\Roaming\RebateInformer
Deleted on reboot : C:\ProgramData\boost_interprocess
Deleted on reboot : C:\Program Files (x86)\Conduit
Deleted on reboot : C:\Program Files (x86)\Crawler
Deleted on reboot : C:\Program Files (x86)\GamingWonderland
Deleted on reboot : C:\Program Files (x86)\Ilivid
Deleted on reboot : C:\Program Files (x86)\IncrediMail_MediaBar
Deleted on reboot : C:\Program Files (x86)\Produtools_Manuals_2.1
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2319576
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2499479
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3209604
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\RewardsArcade
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
Key Deleted : HKCU\Software\Produtools_Manuals_2.1
Key Deleted : HKLM\SOFTWARE\Classes\ctbcommon.Buttons
Key Deleted : HKLM\SOFTWARE\Classes\ctbr.R404Pro
Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Client
Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Script
Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Server
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbr
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\CToolbar
Key Deleted : HKLM\SOFTWARE\IncrediMail_MediaBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IncrediMail_MediaBar Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Produtools_Manuals_2.1 Toolbar
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Key Deleted : HKLM\SOFTWARE\Produtools_Manuals_2.1
[x64] Key Deleted : HKLM\SOFTWARE\DataMngr

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A563639D-A539-4BCE-B5B8-7DA5FAF87D00}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D5B2594A-F029-4EE1-9AAF-9166A2F91F69}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{43AF84A8-BAEA-4A72-9698-7C4CB7082D92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A687E5E5-6EAE-4852-B2F4-3B182AD9E041}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A563639D-A539-4BCE-B5B8-7DA5FAF87D00}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D5B2594A-F029-4EE1-9AAF-9166A2F91F69}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{43AF84A8-BAEA-4A72-9698-7C4CB7082D92}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A563639D-A539-4BCE-B5B8-7DA5FAF87D00}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D5B2594A-F029-4EE1-9AAF-9166A2F91F69}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A563639D-A539-4BCE-B5B8-7DA5FAF87D00}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D5B2594A-F029-4EE1-9AAF-9166A2F91F69}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{43AF84A8-BAEA-4A72-9698-7C4CB7082D92}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A899079D-206F-43A6-BE6A-07E0FA648EA0}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C80BDEB2-8735-44C6-BD55-A1CCD555667A}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A563639D-A539-4BCE-B5B8-7DA5FAF87D00}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A899079D-206F-43A6-BE6A-07E0FA648EA0}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A563639D-A539-4BCE-B5B8-7DA5FAF87D00}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A563639D-A539-4BCE-B5B8-7DA5FAF87D00}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}]
[x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - SearchAssistant] = hxxp://toolbar.inbox.com/search/ie.aspx?tbid=80197 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - CustomizeSearch] = hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80197 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://toolbar.inbox.com/search/ie.aspx?tbid=80197 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - CustomizeSearch] = hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80197 --> hxxp://www.google.com

-\\ Google Chrome v21.0.1180.83

File : C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "homepage" : "hxxp://www.searchnu.com/406",
Deleted : "hxxp://www.searchnu.com/406"
Deleted : "name" : "Search Results",
Deleted : "search_url" : "hxxp://dts.search-results.com/sr?src=crb&appid=139&systemid=406&sr=0&q={sear[...]
Deleted : "homepage" : "hxxp://www.searchnu.com/406",
Deleted : "hxxp://www.searchnu.com/406"

*************************

AdwCleaner[R1].txt - [20855 octets] - [30/08/2012 10:19:02]
AdwCleaner[S1].txt - [14260 octets] - [30/08/2012 10:19:54]

########## EOF - C:\AdwCleaner[S1].txt - [14389 octets] ##########


File from OTL:

OTL logfile created on: 8/30/2012 10:59:15 AM - Run 2
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Jan\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.83 Gb Available Physical Memory | 48.94% Memory free
7.70 Gb Paging File | 5.48 Gb Available in Paging File | 71.19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.19 Gb Total Space | 189.34 Gb Free Space | 66.39% Space Free | Partition Type: NTFS
Drive D: | 12.90 Gb Total Space | 1.96 Gb Free Space | 15.16% Space Free | Partition Type: NTFS

Computer Name: JAN-PC | User Name: Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/30 07:56:15 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
PRC - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/07/23 16:37:46 | 000,793,088 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2012/07/23 16:37:46 | 000,103,936 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/11/07 15:37:20 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
PRC - [2011/11/07 15:36:13 | 000,135,608 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe
PRC - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccsvchst.exe
PRC - [2009/07/27 20:19:10 | 000,199,184 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\1.0.150\SSScheduler.exe
PRC - [2008/10/06 12:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe
PRC - [2008/09/26 05:36:40 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2008/09/25 21:42:24 | 000,189,736 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008/09/25 21:41:44 | 001,152,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/19 04:35:24 | 000,224,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d81872939252c65b6f1127f331b84de0\PresentationFramework.Classic.ni.dll
MOD - [2012/08/19 04:34:43 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7343fbab1ba137db2f8b284047ef3f3c\PresentationFramework.ni.dll
MOD - [2012/08/19 04:34:21 | 012,219,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b6293b0c23321c255c2530aea8e32bb\PresentationCore.ni.dll
MOD - [2012/08/19 04:34:03 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\54426ee1881b42af5b090e223f43823c\WindowsBase.ni.dll
MOD - [2012/08/19 04:31:41 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012/08/19 04:31:39 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4b5eaa70d2900b98ccf6fd9915f34d69\System.EnterpriseServices.ni.dll
MOD - [2012/08/19 04:31:39 | 000,280,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4b5eaa70d2900b98ccf6fd9915f34d69\System.EnterpriseServices.Wrapper.dll
MOD - [2012/08/19 04:31:37 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\b6d83a652c94b32fc8f99a6df0acd7f4\System.Transactions.ni.dll
MOD - [2012/08/19 04:31:36 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\bfdd10e0a0aacf46bac557ffc5d55ba5\System.Data.ni.dll
MOD - [2012/08/19 03:51:11 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012/08/19 03:50:58 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012/08/19 03:50:40 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012/08/19 03:50:31 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/08/19 03:50:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012/08/19 03:48:40 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/08/19 03:48:33 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2010/09/01 15:24:38 | 000,034,816 | ---- | M] () -- C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll
MOD - [2009/04/11 02:28:21 | 000,368,640 | ---- | M] () -- C:\WINDOWS\SysWOW64\msjetoledb40.dll
MOD - [2009/04/10 22:04:15 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2009/03/30 00:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/03/30 00:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008/09/30 19:56:06 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
MOD - [2008/09/30 19:52:02 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2008/09/30 19:52:00 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2008/09/30 19:51:52 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\ECLibrary.dll
MOD - [2008/09/30 19:51:52 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2008/09/30 19:51:36 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2008/09/30 19:51:36 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2008/09/30 19:51:36 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2008/09/25 21:42:26 | 000,881,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\Hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/08/13 17:09:38 | 000,240,640 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_1b06afce\STacSV64.exe -- (STacSV)
SRV:64bit: - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_1b06afce\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/09/17 00:14:32 | 000,905,216 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/12/11 15:11:30 | 000,015,872 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio)
SRV - [2012/08/14 16:07:22 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/23 16:37:46 | 000,793,088 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/11/07 15:37:20 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2011/11/07 15:36:13 | 000,135,608 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe -- (N360)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/10/06 12:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/02/29 09:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/10/03 15:49:53 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/04/20 21:37:49 | 000,432,760 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0502020.003\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2011/03/30 23:00:09 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\N360x64\0502020.003\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2011/03/30 23:00:09 | 000,040,568 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\SRTSPX64.SYS -- (SRTSPX)
DRV:64bit: - [2011/03/14 22:31:23 | 000,912,504 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2011/01/27 02:47:10 | 000,450,680 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2011/01/27 01:07:06 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/08/13 17:09:38 | 000,487,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/04/03 06:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2008/11/21 22:05:22 | 001,253,376 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/10/03 17:17:30 | 000,184,320 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/09/17 01:01:26 | 004,709,888 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2008/07/21 06:53:04 | 000,145,496 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\jmcr.sys -- (JMCR)
DRV:64bit: - [2008/04/28 05:25:06 | 000,016,400 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2008/04/27 14:09:18 | 001,133,568 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\athrx.sys -- (athr)
DRV:64bit: - [2008/01/24 09:24:24 | 000,060,928 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\enecir.sys -- (enecir)
DRV:64bit: - [2008/01/20 22:46:57 | 003,154,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- (NETw3v64)
DRV:64bit: - [2008/01/20 22:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2007/06/18 20:13:12 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2006/10/03 21:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV - [2012/08/27 10:23:35 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120828.002\ex64.sys -- (NAVEX15)
DRV - [2012/08/27 10:23:35 | 000,125,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120828.002\eng64.sys -- (NAVENG)
DRV - [2012/08/19 16:45:41 | 000,512,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120825.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/08/10 23:12:13 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/10 23:12:13 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/08/10 20:25:13 | 001,385,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120823.005\BHDrvx64.sys -- (BHDrvx64)
DRV - [2008/09/26 05:36:34 | 000,027,632 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{934BCD49-C81A-4ED0-86DF-56EE1B6DA341}: "URL" = http://search.live.c...ms}&FORM=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{C4B887F1-E634-4BCC-8BA4-6E91B16D2814}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect...hromesbox-en-us
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{934BCD49-C81A-4ED0-86DF-56EE1B6DA341}: "URL" = http://search.live.c...ms}&FORM=HPNTDF
IE - HKLM\..\SearchScopes\{C4B887F1-E634-4BCC-8BA4-6E91B16D2814}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2895445873-1458728923-2671748927-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKU\S-1-5-21-2895445873-1458728923-2671748927-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-2895445873-1458728923-2671748927-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2895445873-1458728923-2671748927-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2895445873-1458728923-2671748927-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2895445873-1458728923-2671748927-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2895445873-1458728923-2671748927-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-2895445873-1458728923-2671748927-1000\..\SearchScopes\{86F32CB8-D408-4D56-AFC4-C442CBB0AF23}: "URL" = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
IE - HKU\S-1-5-21-2895445873-1458728923-2671748927-1000\..\SearchScopes\{934BCD49-C81A-4ED0-86DF-56EE1B6DA341}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-2895445873-1458728923-2671748927-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@GamingWonderland.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_34: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\Jan\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2012/08/19 00:23:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_12_1 [2012/08/28 14:56:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\GamingWonderland\bar\1.bin

[2012/05/11 16:31:08 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\adhmhclafdhfabmmglbcngpddpdeijgd\
CHR - Extension: No name found = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\

O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (RivalGaming Games) - {26D675AC-D925-4bbf-A720-62C2AA4A81EB} - C:\Users\Jan\AppData\Local\RivalGaming\RivalGaming.dll (RivalGaming)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Toolbar BHO) - {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} - Reg Error: Value error. File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3:64bit: - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-2895445873-1458728923-2671748927-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TSMAgent] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2895445873-1458728923-2671748927-1000..\Run: [cdloader] C:\Users\Jan\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\S-1-5-21-2895445873-1458728923-2671748927-1000..\Run: [Driver Manager] C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe (PC Drivers Headquarters)
O4 - HKU\S-1-5-21-2895445873-1458728923-2671748927-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\S-1-5-21-2895445873-1458728923-2671748927-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-2895445873-1458728923-2671748927-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-2895445873-1458728923-2671748927-1000\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKU\S-1-5-21-2895445873-1458728923-2671748927-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} http://www.facebook....b?1265907443721 (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_34)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_34)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_34)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.4.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C7F73262-C57E-48DF-8B3C-E22B4DBAE0AF}: DhcpNameServer = 192.168.4.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Waterfall.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Waterfall.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\G\Shell\phone\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/30 07:56:03 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
[2012/08/30 07:29:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/08/29 12:08:15 | 000,000,000 | ---D | C] -- C:\Program Files\LSI SoftModem
[2012/08/29 12:04:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/08/29 12:04:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/08/28 15:48:43 | 000,000,000 | -H-D | C] -- C:\Users\Jan\AppData\Roaming\Registry Mechanic
[2012/08/28 13:05:53 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox210.ocx
[2012/08/28 13:05:53 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox10.ocx
[2012/08/28 13:05:53 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBoxVB12.ocx
[2012/08/28 13:05:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Registry Mechanic
[2012/08/28 13:05:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2012/08/28 13:05:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools
[2012/08/28 13:05:20 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/08/28 13:05:19 | 000,000,000 | -H-D | C] -- C:\Users\Jan\AppData\Roaming\Product_RM
[2012/08/28 09:55:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2012/08/28 09:55:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2012/08/27 10:33:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/27 10:33:51 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/08/26 18:34:19 | 000,000,000 | -H-D | C] -- C:\Users\Jan\AppData\Roaming\Malwarebytes
[2012/08/26 18:34:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/26 18:34:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/24 20:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/08/24 17:33:32 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012/08/24 17:33:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2012/08/24 17:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012/08/18 23:00:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Weather Channel
[2012/08/18 20:42:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NortonPCCheckupx64
[2012/08/18 20:42:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NortonPCCheckupx64\0200110.014
[2012/08/18 20:42:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton PC Checkup
[2012/08/18 20:42:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton PC Checkup
[2012/08/18 20:28:43 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
[2012/08/18 20:01:37 | 000,000,000 | -H-D | C] -- C:\Users\Jan\AppData\Local\PC_Drivers_Headquarters
[2012/08/18 20:01:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Driver Manager
[2012/08/18 20:00:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Manager
[2012/08/18 19:59:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Manager

========== Files - Modified Within 30 Days ==========

[2012/08/30 10:59:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/30 10:22:29 | 000,000,298 | ---- | M] () -- C:\Windows\tasks\RMAutoUpdate.job
[2012/08/30 10:22:26 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/30 10:22:06 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/30 10:22:06 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/30 10:21:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/30 10:21:45 | 4024,262,656 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/30 10:20:45 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/08/30 10:19:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/30 10:18:28 | 000,618,227 | ---- | M] () -- C:\Users\Jan\Desktop\adwcleaner.exe
[2012/08/30 07:56:15 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
[2012/08/30 07:31:40 | 000,001,877 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/08/29 12:43:43 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012/08/29 12:43:24 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/08/29 12:20:00 | 000,056,320 | -H-- | M] () -- C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/29 12:04:31 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/08/28 20:30:51 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2012/08/28 17:06:14 | 000,309,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/28 15:37:37 | 000,006,836 | -H-- | M] () -- C:\Users\Jan\AppData\Local\d3d9caps.dat
[2012/08/28 13:05:53 | 000,001,120 | -H-- | M] () -- C:\Users\Public\Desktop\PC Tools Registry Mechanic.lnk
[2012/08/28 09:55:14 | 000,000,878 | -H-- | M] () -- C:\Users\Jan\Desktop\SpywareBlaster.lnk
[2012/08/27 17:46:16 | 000,000,040 | -H-- | M] () -- C:\Users\Public\Documents\_rgpl
[2012/08/27 10:33:55 | 000,000,908 | -H-- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/24 17:26:28 | 000,002,025 | -H-- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/08/19 03:50:42 | 000,751,384 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/19 03:50:42 | 000,640,690 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/19 03:50:42 | 000,118,910 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/19 03:50:33 | 000,751,384 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/18 20:43:02 | 000,002,125 | -H-- | M] () -- C:\Users\Public\Desktop\Norton PC Checkup.LNK
[2012/08/18 20:00:17 | 000,002,168 | -H-- | M] () -- C:\Users\Public\Desktop\Driver Manager.lnk
[2012/08/05 16:42:31 | 000,001,357 | -H-- | M] () -- C:\Users\Public\Desktop\iLivid.lnk
[2012/08/05 16:38:19 | 000,001,102 | -H-- | M] () -- C:\Users\Public\Desktop\Upgrade Facebook Chat Experience.lnk
[2012/08/05 16:38:18 | 000,000,971 | -H-- | M] () -- C:\Users\Public\Desktop\Play Games.lnk

========== Files Created - No Company Name ==========

[2012/08/30 10:18:22 | 000,618,227 | ---- | C] () -- C:\Users\Jan\Desktop\adwcleaner.exe
[2012/08/30 07:30:32 | 000,001,877 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/08/30 07:30:31 | 000,002,455 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/08/29 12:43:43 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012/08/29 12:43:24 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/08/29 12:42:47 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2012/08/28 15:45:34 | 000,000,300 | ---- | C] () -- C:\Windows\tasks\RMSchedule.job
[2012/08/28 15:45:33 | 000,000,298 | ---- | C] () -- C:\Windows\tasks\RMAutoUpdate.job
[2012/08/28 13:05:53 | 000,001,120 | -H-- | C] () -- C:\Users\Public\Desktop\PC Tools Registry Mechanic.lnk
[2012/08/28 13:05:52 | 000,040,448 | ---- | C] () -- C:\Windows\SysNative\CleanMFT64.exe
[2012/08/28 09:55:13 | 000,000,878 | -H-- | C] () -- C:\Users\Jan\Desktop\SpywareBlaster.lnk
[2012/08/27 17:46:16 | 000,000,040 | -H-- | C] () -- C:\Users\Public\Documents\_rgpl
[2012/08/27 10:33:55 | 000,000,908 | -H-- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/27 10:10:54 | 4024,262,656 | -HS- | C] () -- C:\hiberfil.sys
[2012/08/18 23:12:26 | 000,751,384 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/18 20:43:02 | 000,002,125 | -H-- | C] () -- C:\Users\Public\Desktop\Norton PC Checkup.LNK
[2012/08/18 20:42:53 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NortonPCCheckupx64\0200110.014\isolate.ini
[2012/08/18 20:00:16 | 000,002,168 | -H-- | C] () -- C:\Users\Public\Desktop\Driver Manager.lnk
[2012/08/05 16:38:19 | 000,001,102 | -H-- | C] () -- C:\Users\Public\Desktop\Upgrade Facebook Chat Experience.lnk
[2012/08/05 16:38:17 | 000,000,971 | -H-- | C] () -- C:\Users\Public\Desktop\Play Games.lnk
[2012/08/05 16:35:41 | 000,001,357 | -H-- | C] () -- C:\Users\Public\Desktop\iLivid.lnk
[2012/03/24 19:33:10 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/02/07 22:56:05 | 000,001,940 | -H-- | C] () -- C:\Users\Jan\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/06/21 23:19:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/06/10 16:20:50 | 000,006,836 | -H-- | C] () -- C:\Users\Jan\AppData\Local\d3d9caps.dat
[2009/06/09 14:28:25 | 000,056,320 | -H-- | C] () -- C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2011/10/19 20:19:52 | 000,000,000 | -H-D | M] -- C:\Users\Jan\AppData\Roaming\Canon
[2010/02/11 13:10:34 | 000,000,000 | -H-D | M] -- C:\Users\Jan\AppData\Roaming\Facebook
[2012/05/19 22:13:11 | 000,000,000 | -H-D | M] -- C:\Users\Jan\AppData\Roaming\FixCleaner
[2009/06/09 14:27:16 | 000,000,000 | -H-D | M] -- C:\Users\Jan\AppData\Roaming\GameHouse
[2012/01/19 17:43:42 | 000,000,000 | -H-D | M] -- C:\Users\Jan\AppData\Roaming\mjusbsp
[2012/08/28 13:05:19 | 000,000,000 | -H-D | M] -- C:\Users\Jan\AppData\Roaming\Product_RM
[2012/08/28 17:04:03 | 000,000,000 | -H-D | M] -- C:\Users\Jan\AppData\Roaming\Registry Mechanic
[2010/01/26 17:15:17 | 000,000,000 | -H-D | M] -- C:\Users\Jan\AppData\Roaming\VirtualStore
[2012/08/30 10:22:29 | 000,000,298 | ---- | M] () -- C:\Windows\Tasks\RMAutoUpdate.job
[2012/08/28 20:30:51 | 000,000,300 | ---- | M] () -- C:\Windows\Tasks\RMSchedule.job
[2012/08/30 10:20:45 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< MD5 for: EXPLORER.EXE >
[2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2008/10/29 02:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2008/10/29 23:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009/04/11 03:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\WINDOWS\explorer.exe
[2009/04/11 03:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2008/10/27 22:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2008/10/29 02:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\SysWOW64\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2008/10/30 01:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2008/10/27 22:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008/01/20 22:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008/01/20 22:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe

< MD5 for: QMGR.DLL >
[2009/04/11 03:11:22 | 001,081,856 | ---- | M] (Microsoft Corporation) MD5=6D316F4859634071CC25C4FD4589AD2C -- C:\Windows\SysNative\qmgr.dll
[2009/04/11 03:11:22 | 001,081,856 | ---- | M] (Microsoft Corporation) MD5=6D316F4859634071CC25C4FD4589AD2C -- C:\WINDOWS\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_819ad97caef1480e\qmgr.dll
[2008/01/20 22:50:12 | 001,082,368 | ---- | M] (Microsoft Corporation) MD5=D896A0D43F8AB81ECB1FC6C24DECFD58 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_7faf6070b1cf7cc2\qmgr.dll

< MD5 for: SERVICES >
[2006/09/18 17:37:24 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6001.18000_none_60a39df1afb86c9f\services

< MD5 for: SERVICES.EXE >
[2008/01/20 22:50:34 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 03:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\Windows\SysNative\services.exe
[2009/04/11 03:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe
[2009/04/11 02:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\WINDOWS\SysWOW64\services.exe
[2009/04/11 02:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[2008/01/20 22:49:44 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=DFAC660F0F139276CC9299812DE42719 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2006/11/02 11:13:31 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\WINDOWS\SysWOW64\en-US\services.exe.mui
[2006/11/02 11:13:31 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_67c6851b290a1ced\services.exe.mui
[2006/11/02 11:13:56 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=F514B57C09E143F1E14415A9E9ADD695 -- C:\Windows\SysNative\en-US\services.exe.mui
[2006/11/02 11:13:56 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=F514B57C09E143F1E14415A9E9ADD695 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_c3e5209ee1678e23\services.exe.mui

< MD5 for: SERVICES.LNK >
[2008/01/20 23:20:59 | 000,001,688 | ---- | M] () MD5=EFDD08F4E5E26430885F26F0C35B8C62 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 23:20:59 | 000,001,688 | ---- | M] () MD5=EFDD08F4E5E26430885F26F0C35B8C62 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2006/09/18 17:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2006/09/18 17:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\WINDOWS\SysWOW64\wbem\services.mof
[2006/09/18 17:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.mof
[2006/09/18 17:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.mof
[2006/09/18 17:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.mof
[2006/09/18 17:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.mof

< MD5 for: SERVICES.MSC >
[2006/11/02 11:13:51 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2006/09/18 17:29:41 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2006/11/02 11:14:00 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\WINDOWS\SysWOW64\en-US\services.msc
[2006/09/18 17:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\WINDOWS\SysWOW64\services.msc
[2006/11/02 11:13:51 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_fe26f08ab7d12816\services.msc
[2006/09/18 17:29:41 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_2b827e27fe185619\services.msc
[2006/11/02 11:14:00 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a2085506ff73b6e0\services.msc
[2006/09/18 17:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\WINDOWS\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_cf63e2a445bae4e3\services.msc

< MD5 for: SVCHOST.EXE >
[2008/01/20 22:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\WINDOWS\SysWOW64\svchost.exe
[2008/01/20 22:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\WINDOWS\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008/01/20 22:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\SysNative\svchost.exe
[2008/01/20 22:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\WINDOWS\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/20 22:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\SysWOW64\userinit.exe
[2008/01/20 22:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008/01/20 22:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008/01/20 22:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\WINDOWS\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 03:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009/04/11 03:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\WINDOWS\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008/01/20 22:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\WINDOWS\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\SysWOW64\winlogon.exe
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/01/20 22:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s >
"DisplayName" = @%SystemRoot%\system32\qmgr.dll,-1000
"ImagePath" = %SystemRoot%\System32\svchost.exe -k netsvcs -- [2008/01/20 22:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation)
"Description" = @%SystemRoot%\system32\qmgr.dll,-1001
"ObjectName" = LocalSystem
"ErrorControl" = 1
"Start" = 2
"DelayedAutoStart" = 1
"Type" = 32
"DependOnService" = RpcSsEventSystem [binary data]
"ServiceSidType" = 1
"RequiredPrivileges" = [Binary data over 100 bytes]
"FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 EA 00 00 01 00 00 00 C0 D4 01 00 00 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Parameters]
"ServiceDll" = %SystemRoot%\System32\qmgr.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Performance]
"Library" = bitsperf.dll -- [2006/11/02 05:46:02 | 000,017,920 | ---- | M] (Microsoft Corporation)
"Open" = PerfMon_Open
"Collect" = PerfMon_Collect
"Close" = PerfMon_Close
"InstallType" = 1
"PerfIniFile" = bitsctrs.ini
"First Counter" = 1908
"Last Counter" = 1924
"First Help" = 1909
"Last Help" = 1925
"Object List" = 1908
"PerfMMFileName" = Global\MMF_BITS_s
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Security]
"Security" = [Binary data over 100 bytes]

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 170 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Norton is your main antivirus.. What driver is it trying to update ?

Looks like it missed just one

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image

    :OTL
    O3 - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
    
    :Commands
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#5
blondie53185

blondie53185

    Member

  • Topic Starter
  • Member
  • PipPip
  • 83 posts
Now, the Catalyst Control Center indicates it has stopped working and the Driver Manager still indicates it needs an update but does not recognize my internet connect. I cannot close the Driver Manager. Here is my lastest log:

OTL logfile created on: 8/30/2012 1:21:37 PM - Run 3
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Jan\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.08 Gb Available Physical Memory | 55.50% Memory free
7.71 Gb Paging File | 5.59 Gb Available in Paging File | 72.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.19 Gb Total Space | 190.51 Gb Free Space | 66.80% Space Free | Partition Type: NTFS
Drive D: | 12.90 Gb Total Space | 1.96 Gb Free Space | 15.16% Space Free | Partition Type: NTFS

Computer Name: JAN-PC | User Name: Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/30 07:56:15 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
PRC - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/07/23 16:37:46 | 000,793,088 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2012/07/23 16:37:46 | 000,103,936 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/11/07 15:37:20 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
PRC - [2011/11/07 15:36:13 | 000,135,608 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe
PRC - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccsvchst.exe
PRC - [2009/07/27 20:19:10 | 000,199,184 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\1.0.150\SSScheduler.exe
PRC - [2008/10/06 12:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe
PRC - [2008/09/26 05:36:40 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2008/09/25 21:42:24 | 000,189,736 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008/09/25 21:41:44 | 001,152,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/19 04:35:24 | 000,224,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d81872939252c65b6f1127f331b84de0\PresentationFramework.Classic.ni.dll
MOD - [2012/08/19 04:34:43 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7343fbab1ba137db2f8b284047ef3f3c\PresentationFramework.ni.dll
MOD - [2012/08/19 04:34:21 | 012,219,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b6293b0c23321c255c2530aea8e32bb\PresentationCore.ni.dll
MOD - [2012/08/19 04:34:03 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\54426ee1881b42af5b090e223f43823c\WindowsBase.ni.dll
MOD - [2012/08/19 04:31:41 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012/08/19 04:31:39 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4b5eaa70d2900b98ccf6fd9915f34d69\System.EnterpriseServices.ni.dll
MOD - [2012/08/19 04:31:39 | 000,280,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4b5eaa70d2900b98ccf6fd9915f34d69\System.EnterpriseServices.Wrapper.dll
MOD - [2012/08/19 04:31:37 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\b6d83a652c94b32fc8f99a6df0acd7f4\System.Transactions.ni.dll
MOD - [2012/08/19 04:31:36 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\bfdd10e0a0aacf46bac557ffc5d55ba5\System.Data.ni.dll
MOD - [2012/08/19 03:51:11 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012/08/19 03:50:58 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012/08/19 03:50:40 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012/08/19 03:50:31 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/08/19 03:50:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012/08/19 03:48:40 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/08/19 03:48:33 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2010/09/01 15:24:38 | 000,034,816 | ---- | M] () -- C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll
MOD - [2009/04/11 02:28:21 | 000,368,640 | ---- | M] () -- C:\WINDOWS\SysWOW64\msjetoledb40.dll
MOD - [2009/04/10 22:04:15 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2009/03/30 00:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/03/30 00:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008/09/30 19:56:06 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
MOD - [2008/09/30 19:52:02 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2008/09/30 19:52:00 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2008/09/30 19:51:52 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\ECLibrary.dll
MOD - [2008/09/30 19:51:52 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2008/09/30 19:51:36 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2008/09/30 19:51:36 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2008/09/30 19:51:36 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2008/09/25 21:42:26 | 000,881,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\Hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/08/13 17:09:38 | 000,240,640 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_1b06afce\STacSV64.exe -- (STacSV)
SRV:64bit: - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_1b06afce\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/09/17 00:14:32 | 000,905,216 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/12/11 15:11:30 | 000,015,872 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio)
SRV - [2012/08/14 16:07:22 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/23 16:37:46 | 000,793,088 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/11/07 15:37:20 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2011/11/07 15:36:13 | 000,135,608 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe -- (N360)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/10/06 12:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/02/29 09:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/10/03 15:49:53 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/04/20 21:37:49 | 000,432,760 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0502020.003\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2011/03/30 23:00:09 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\N360x64\0502020.003\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2011/03/30 23:00:09 | 000,040,568 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\SRTSPX64.SYS -- (SRTSPX)
DRV:64bit: - [2011/03/14 22:31:23 | 000,912,504 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2011/01/27 02:47:10 | 000,450,680 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2011/01/27 01:07:06 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/08/13 17:09:38 | 000,487,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/04/03 06:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2008/11/21 22:05:22 | 001,253,376 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/10/03 17:17:30 | 000,184,320 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/09/17 01:01:26 | 004,709,888 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2008/07/21 06:53:04 | 000,145,496 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\jmcr.sys -- (JMCR)
DRV:64bit: - [2008/04/28 05:25:06 | 000,016,400 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2008/04/27 14:09:18 | 001,133,568 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\athrx.sys -- (athr)
DRV:64bit: - [2008/01/24 09:24:24 | 000,060,928 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\enecir.sys -- (enecir)
DRV:64bit: - [2008/01/20 22:46:57 | 003,154,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- (NETw3v64)
DRV:64bit: - [2008/01/20 22:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2007/06/18 20:13:12 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2006/10/03 21:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV - [2012/08/27 10:23:35 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120828.002\ex64.sys -- (NAVEX15)
DRV - [2012/08/27 10:23:35 | 000,125,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120828.002\eng64.sys -- (NAVENG)
DRV - [2012/08/19 16:45:41 | 000,512,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120825.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/08/10 23:12:13 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/10 23:12:13 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/08/10 20:25:13 | 001,385,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120823.005\BHDrvx64.sys -- (BHDrvx64)
DRV - [2008/09/26 05:36:34 | 000,027,632 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{934BCD49-C81A-4ED0-86DF-56EE1B6DA341}: "URL" = http://search.live.c...ms}&FORM=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{C4B887F1-E634-4BCC-8BA4-6E91B16D2814}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect...hromesbox-en-us
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{934BCD49-C81A-4ED0-86DF-56EE1B6DA341}: "URL" = http://search.live.c...ms}&FORM=HPNTDF
IE - HKLM\..\SearchScopes\{C4B887F1-E634-4BCC-8BA4-6E91B16D2814}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{86F32CB8-D408-4D56-AFC4-C442CBB0AF23}: "URL" = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
IE - HKCU\..\SearchScopes\{934BCD49-C81A-4ED0-86DF-56EE1B6DA341}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@GamingWonderland.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_34: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\Jan\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2012/08/19 00:23:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_12_1 [2012/08/28 14:56:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\GamingWonderland\bar\1.bin

[2012/05/11 16:31:08 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\adhmhclafdhfabmmglbcngpddpdeijgd\
CHR - Extension: No name found = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\

O1 HOSTS File: ([2012/08/30 12:54:50 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (RivalGaming Games) - {26D675AC-D925-4bbf-A720-62C2AA4A81EB} - C:\Users\Jan\AppData\Local\RivalGaming\RivalGaming.dll (RivalGaming)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Toolbar BHO) - {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} - Reg Error: Value error. File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3:64bit: - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TSMAgent] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [cdloader] C:\Users\Jan\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKCU..\Run: [Driver Manager] C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe (PC Drivers Headquarters)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} http://www.facebook....b?1265907443721 (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_34)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_34)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_34)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.4.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C7F73262-C57E-48DF-8B3C-E22B4DBAE0AF}: DhcpNameServer = 192.168.4.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Waterfall.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Waterfall.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\G\Shell\phone\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/30 12:54:47 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/30 07:56:03 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
[2012/08/30 07:29:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/08/29 12:08:15 | 000,000,000 | ---D | C] -- C:\Program Files\LSI SoftModem
[2012/08/29 12:04:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/08/29 12:04:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/08/28 15:48:43 | 000,000,000 | -H-D | C] -- C:\Users\Jan\AppData\Roaming\Registry Mechanic
[2012/08/28 13:05:53 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox210.ocx
[2012/08/28 13:05:53 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox10.ocx
[2012/08/28 13:05:53 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBoxVB12.ocx
[2012/08/28 13:05:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Registry Mechanic
[2012/08/28 13:05:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2012/08/28 13:05:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools
[2012/08/28 13:05:20 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/08/28 13:05:19 | 000,000,000 | -H-D | C] -- C:\Users\Jan\AppData\Roaming\Product_RM
[2012/08/28 09:55:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2012/08/28 09:55:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2012/08/27 10:33:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/27 10:33:51 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/08/26 18:34:19 | 000,000,000 | -H-D | C] -- C:\Users\Jan\AppData\Roaming\Malwarebytes
[2012/08/26 18:34:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/26 18:34:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/24 20:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/08/24 17:33:32 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012/08/24 17:33:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2012/08/24 17:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012/08/18 23:00:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Weather Channel
[2012/08/18 20:42:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NortonPCCheckupx64
[2012/08/18 20:42:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NortonPCCheckupx64\0200110.014
[2012/08/18 20:42:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton PC Checkup
[2012/08/18 20:42:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton PC Checkup
[2012/08/18 20:28:43 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
[2012/08/18 20:01:37 | 000,000,000 | -H-D | C] -- C:\Users\Jan\AppData\Local\PC_Drivers_Headquarters
[2012/08/18 20:01:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Driver Manager
[2012/08/18 20:00:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Manager
[2012/08/18 19:59:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Manager

========== Files - Modified Within 30 Days ==========

[2012/08/30 13:19:01 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/30 13:11:55 | 000,000,298 | ---- | M] () -- C:\Windows\tasks\RMAutoUpdate.job
[2012/08/30 13:11:25 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/30 12:59:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/30 12:58:50 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/30 12:58:50 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/30 12:58:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/30 12:58:23 | 4024,262,656 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/30 12:57:11 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/08/30 10:18:28 | 000,618,227 | ---- | M] () -- C:\Users\Jan\Desktop\adwcleaner.exe
[2012/08/30 07:56:15 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
[2012/08/30 07:31:40 | 000,001,877 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/08/29 12:43:43 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012/08/29 12:43:24 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/08/29 12:20:00 | 000,056,320 | -H-- | M] () -- C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/29 12:04:31 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/08/28 20:30:51 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2012/08/28 17:06:14 | 000,309,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/28 15:37:37 | 000,006,836 | -H-- | M] () -- C:\Users\Jan\AppData\Local\d3d9caps.dat
[2012/08/28 13:05:53 | 000,001,120 | -H-- | M] () -- C:\Users\Public\Desktop\PC Tools Registry Mechanic.lnk
[2012/08/28 09:55:14 | 000,000,878 | -H-- | M] () -- C:\Users\Jan\Desktop\SpywareBlaster.lnk
[2012/08/27 17:46:16 | 000,000,040 | -H-- | M] () -- C:\Users\Public\Documents\_rgpl
[2012/08/27 10:33:55 | 000,000,908 | -H-- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/24 17:26:28 | 000,002,025 | -H-- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/08/19 03:50:42 | 000,751,384 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/19 03:50:42 | 000,640,690 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/19 03:50:42 | 000,118,910 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/19 03:50:33 | 000,751,384 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/18 20:43:02 | 000,002,125 | -H-- | M] () -- C:\Users\Public\Desktop\Norton PC Checkup.LNK
[2012/08/18 20:00:17 | 000,002,168 | -H-- | M] () -- C:\Users\Public\Desktop\Driver Manager.lnk
[2012/08/05 16:42:31 | 000,001,357 | -H-- | M] () -- C:\Users\Public\Desktop\iLivid.lnk
[2012/08/05 16:38:19 | 000,001,102 | -H-- | M] () -- C:\Users\Public\Desktop\Upgrade Facebook Chat Experience.lnk
[2012/08/05 16:38:18 | 000,000,971 | -H-- | M] () -- C:\Users\Public\Desktop\Play Games.lnk

========== Files Created - No Company Name ==========

[2012/08/30 10:18:22 | 000,618,227 | ---- | C] () -- C:\Users\Jan\Desktop\adwcleaner.exe
[2012/08/30 07:30:32 | 000,001,877 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/08/30 07:30:31 | 000,002,455 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/08/29 12:43:43 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012/08/29 12:43:24 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/08/29 12:42:47 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2012/08/28 15:45:34 | 000,000,300 | ---- | C] () -- C:\Windows\tasks\RMSchedule.job
[2012/08/28 15:45:33 | 000,000,298 | ---- | C] () -- C:\Windows\tasks\RMAutoUpdate.job
[2012/08/28 13:05:53 | 000,001,120 | -H-- | C] () -- C:\Users\Public\Desktop\PC Tools Registry Mechanic.lnk
[2012/08/28 13:05:52 | 000,040,448 | ---- | C] () -- C:\Windows\SysNative\CleanMFT64.exe
[2012/08/28 09:55:13 | 000,000,878 | -H-- | C] () -- C:\Users\Jan\Desktop\SpywareBlaster.lnk
[2012/08/27 17:46:16 | 000,000,040 | -H-- | C] () -- C:\Users\Public\Documents\_rgpl
[2012/08/27 10:33:55 | 000,000,908 | -H-- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/27 10:10:54 | 4024,262,656 | -HS- | C] () -- C:\hiberfil.sys
[2012/08/18 23:12:26 | 000,751,384 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/18 20:43:02 | 000,002,125 | -H-- | C] () -- C:\Users\Public\Desktop\Norton PC Checkup.LNK
[2012/08/18 20:42:53 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NortonPCCheckupx64\0200110.014\isolate.ini
[2012/08/18 20:00:16 | 000,002,168 | -H-- | C] () -- C:\Users\Public\Desktop\Driver Manager.lnk
[2012/08/05 16:38:19 | 000,001,102 | -H-- | C] () -- C:\Users\Public\Desktop\Upgrade Facebook Chat Experience.lnk
[2012/08/05 16:38:17 | 000,000,971 | -H-- | C] () -- C:\Users\Public\Desktop\Play Games.lnk
[2012/08/05 16:35:41 | 000,001,357 | -H-- | C] () -- C:\Users\Public\Desktop\iLivid.lnk
[2012/03/24 19:33:10 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/02/07 22:56:05 | 000,001,940 | -H-- | C] () -- C:\Users\Jan\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/06/21 23:19:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/06/10 16:20:50 | 000,006,836 | -H-- | C] () -- C:\Users\Jan\AppData\Local\d3d9caps.dat
[2009/06/09 14:28:25 | 000,056,320 | -H-- | C] () -- C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2011/10/19 20:19:52 | 000,000,000 | -H-D | M] -- C:\Users\Jan\AppData\Roaming\Canon
[2010/02/11 13:10:34 | 000,000,000 | -H-D | M] -- C:\Users\Jan\AppData\Roaming\Facebook
[2012/05/19 22:13:11 | 000,000,000 | -H-D | M] -- C:\Users\Jan\AppData\Roaming\FixCleaner
[2009/06/09 14:27:16 | 000,000,000 | -H-D | M] -- C:\Users\Jan\AppData\Roaming\GameHouse
[2012/01/19 17:43:42 | 000,000,000 | -H-D | M] -- C:\Users\Jan\AppData\Roaming\mjusbsp
[2012/08/28 13:05:19 | 000,000,000 | -H-D | M] -- C:\Users\Jan\AppData\Roaming\Product_RM
[2012/08/28 17:04:03 | 000,000,000 | -H-D | M] -- C:\Users\Jan\AppData\Roaming\Registry Mechanic
[2010/01/26 17:15:17 | 000,000,000 | -H-D | M] -- C:\Users\Jan\AppData\Roaming\VirtualStore
[2012/08/30 13:11:55 | 000,000,298 | ---- | M] () -- C:\Windows\Tasks\RMAutoUpdate.job
[2012/08/28 20:30:51 | 000,000,300 | ---- | M] () -- C:\Windows\Tasks\RMSchedule.job
[2012/08/30 12:57:11 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 170 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >
  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Ok the catalyst control centre is related to your Video card, and drive manager is part of PC Driver

Download the PC driver update from here and install

For the catalyst control centre go to this link and it will give you the correct driver for your system
  • 0

#7
blondie53185

blondie53185

    Member

  • Topic Starter
  • Member
  • PipPip
  • 83 posts
Thanks for the links but I'm still having a problem with the catalyst control center. I've stopped all the processes that were running using the task manager and still, when I click on the link to download from AMD, it appears to download in about 5 seconds, then, when I click run, it tells me that it cannot connect to the internet. I am using a wireless router as it is my only option and I have no problem getting connected to anything else on the internet. Any ideas? Yes, I'm still receiving the message regarding the catalyst control center.
  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK first thought is do you require the catalyst centre... This is needed if you are continually changing resolutions if you aren't then I can remove the run key

Is the driver manager working OK now ?
  • 0

#9
blondie53185

blondie53185

    Member

  • Topic Starter
  • Member
  • PipPip
  • 83 posts
Everything is working great except for the catalyst thing. The resolution is never changed. Can you provide instructions to remove please?
  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Let me know if this quick fix cures the catalyst problem

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image

    :Reg
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
    StartCCC=-
    
    :Commands
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

  • 0

#11
blondie53185

blondie53185

    Member

  • Topic Starter
  • Member
  • PipPip
  • 83 posts
Uh-oh No luck on this fix. Here is my OTL log file:

All processes killed
Error: Unable to interpret <:Reg[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]StartCCC=-:Commands[emptytemp][CREATERESTOREPOINT][Reboot]> in the current context!

OTL by OldTimer - Version 3.2.59.1 log created on 08312012_153115

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK that was copied wrong.. So

Download Fix.txt to your desktop
[attachment=60161:fix.txt]
Run OTL and press the Run Fix button
OTL will ask for the location of Fix.txt
Navigate to the copy you downloaded on the desktop
Select that and press run fix again
  • 0

#13
blondie53185

blondie53185

    Member

  • Topic Starter
  • Member
  • PipPip
  • 83 posts
Woo-hoo! I think we are healed!! Thanks so much for your guidance. I've included the OTL log here, just in case something jumps out at you.

Best regards,
Blondie

All processes killed
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\StartCCC deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jan
->Temp folder emptied: 3095680 bytes
->Temporary Internet Files folder emptied: 29785820 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1055 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 31.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.59.1 log created on 09012012_135103

Files\Folders moved on Reboot...
C:\Users\Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ONMVGCVN\page__p__2199684__fromsearch__1[1].htm moved successfully.
C:\Users\Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JS3KZZVM\fastbutton[1].htm moved successfully.
C:\Users\Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Go to control panel
  • Select folder options (Appearance > Folder options in category view)
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Posted Image
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version

SPRING CLEAN

To manually create a new Restore Point
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones
  • GoStart > All programs > Accessories > system tools
  • Right click Disc cleanup and select run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Posted Image
Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :wave:
  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP