Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

security centre [Closed]


  • This topic is locked This topic is locked

#1
toddtomato

toddtomato

    New Member

  • Member
  • Pip
  • 0 posts
hi,I hope you can help me with my problem,I cannot get windows firewall or automatic updating to work,everytime i try I recieve this message ,Security Centre can,t turn on windows firewall and it can,t change my auto updating .It was affecting my anti virus as well but I found some kind of a fix that made it work ,allthough I still have my doubt,s about it .I am only a novice as far as these problems are concerned so please could you bear with me on thisOTL logfile created on: 31/08/2012 20:26:12 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\todd\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.99 Gb Total Physical Memory | 1.15 Gb Available Physical Memory | 38.44% Memory free
6.21 Gb Paging File | 4.14 Gb Available in Paging File | 66.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285.86 Gb Total Space | 63.75 Gb Free Space | 22.30% Space Free | Partition Type: NTFS
Drive D: | 12.23 Gb Total Space | 1.39 Gb Free Space | 11.41% Space Free | Partition Type: NTFS

Computer Name: TODD-PC | User Name: todd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/31 20:25:03 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\todd\Downloads\OTL.exe
PRC - [2012/07/29 20:52:22 | 000,976,728 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2012/07/29 20:52:20 | 001,673,048 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/10 05:09:02 | 001,250,328 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012/05/12 21:21:49 | 006,380,400 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\BitTorrent.exe
PRC - [2012/04/25 09:20:28 | 000,154,632 | ---- | M] (Virgin Media) -- C:\Program Files\Virgin Media\Virgin Media Security\10.0.41.60198\RpsSecurityAwareR.exe
PRC - [2012/04/25 09:20:24 | 000,269,480 | ---- | M] (Virgin Media) -- C:\Program Files\Virgin Media\Virgin Media Security\10.0.41.60198\Rps.exe
PRC - [2012/03/07 11:59:20 | 010,294,584 | ---- | M] (Radialpoint SafeCare Inc.) -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe
PRC - [2012/03/07 08:55:30 | 000,909,312 | ---- | M] () -- C:\Program Files\NetNucleous\ActiveCollector\ActiveCollector.exe
PRC - [2012/03/07 08:54:20 | 000,061,440 | ---- | M] () -- C:\Program Files\NetNucleous\ActiveCollector\ACRecover.exe
PRC - [2011/04/22 13:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2011/03/23 14:12:58 | 001,406,264 | ---- | M] (Virgin Media) -- C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe
PRC - [2010/09/28 22:33:02 | 002,407,632 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2010/09/17 22:14:14 | 000,196,320 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
PRC - [2010/09/17 22:14:14 | 000,138,640 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
PRC - [2010/09/17 21:32:42 | 001,006,672 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
PRC - [2010/09/17 21:32:42 | 000,112,632 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
PRC - [2010/05/20 16:27:26 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX3000.exe
PRC - [2010/05/20 16:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/10 05:09:00 | 000,438,296 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\20.0.1132.57\ppgooglenaclpluginchrome.dll
MOD - [2012/07/10 05:08:59 | 003,972,120 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\20.0.1132.57\pdf.dll
MOD - [2012/07/10 05:07:39 | 000,554,520 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\20.0.1132.57\libglesv2.dll
MOD - [2012/07/10 05:07:37 | 000,117,784 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\20.0.1132.57\libegl.dll
MOD - [2012/07/10 05:07:22 | 000,140,328 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\20.0.1132.57\avutil-51.dll
MOD - [2012/07/10 05:07:21 | 000,262,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\20.0.1132.57\avformat-54.dll
MOD - [2012/07/10 05:07:19 | 002,386,984 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll
MOD - [2012/07/10 03:17:27 | 009,255,112 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
MOD - [2012/06/13 07:56:32 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012/06/13 07:56:16 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7343fbab1ba137db2f8b284047ef3f3c\PresentationFramework.ni.dll
MOD - [2012/06/13 07:55:11 | 012,219,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b6293b0c23321c255c2530aea8e32bb\PresentationCore.ni.dll
MOD - [2012/05/28 21:40:49 | 000,520,464 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportMS.dll
MOD - [2012/05/09 19:45:34 | 000,187,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\5ebaa15cccc356bc3afba0c8f56977f7\UIAutomationTypes.ni.dll
MOD - [2012/05/09 19:45:22 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012/05/09 19:37:57 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012/05/09 19:06:17 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012/05/09 18:56:44 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/05/09 18:55:38 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\bfdd10e0a0aacf46bac557ffc5d55ba5\System.Data.ni.dll
MOD - [2012/05/09 18:55:27 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c8c3ab08933fef9fb6657da871395c46\PresentationFramework.Aero.ni.dll
MOD - [2012/05/09 18:54:29 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\54426ee1881b42af5b090e223f43823c\WindowsBase.ni.dll
MOD - [2012/05/09 18:54:12 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/09 18:53:15 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012/03/07 08:55:30 | 000,909,312 | ---- | M] () -- C:\Program Files\NetNucleous\ActiveCollector\ActiveCollector.exe
MOD - [2012/03/07 08:54:20 | 000,061,440 | ---- | M] () -- C:\Program Files\NetNucleous\ActiveCollector\ACRecover.exe
MOD - [2012/02/01 14:43:10 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/10/21 16:23:26 | 000,841,728 | ---- | M] () -- C:\Program Files\Virgin Media\Virgin Media Security\10.0.41.60198\xulrunner\js3250.dll
MOD - [2010/09/17 22:14:12 | 000,057,344 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
MOD - [2010/09/17 22:14:12 | 000,049,152 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
MOD - [2010/09/17 21:32:56 | 000,057,344 | ---- | M] () -- C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc80-mt-1_36.dll
MOD - [2010/09/17 21:32:56 | 000,049,152 | ---- | M] () -- C:\Program Files\Trend Micro\Titanium\UIFramework\boost_thread-vc80-mt-1_36.dll
MOD - [2010/06/30 00:12:54 | 000,061,440 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2010/06/30 00:12:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2010/06/30 00:12:42 | 000,040,960 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2010/06/30 00:12:40 | 000,036,864 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2010/06/30 00:12:40 | 000,007,680 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2010/06/30 00:12:40 | 000,005,632 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2010/06/30 00:12:36 | 000,018,944 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2010/01/22 15:13:30 | 000,323,160 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 3\winSkinD7R.bpl
MOD - [2010/01/22 15:13:16 | 000,045,656 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 3\CoolTrayIcon_D6plus.bpl
MOD - [2010/01/22 15:11:36 | 000,150,616 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 3\STFix.dll
MOD - [2010/01/22 15:11:30 | 000,057,432 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 3\NtfsData.dll
MOD - [2009/06/08 12:29:19 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2009/03/30 05:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Users\todd\AppData\Roaming\Microsoft\Windows\AdvService.exe -- (SrvAd)
SRV - File not found [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV - [2012/08/31 15:41:05 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/29 20:52:22 | 000,976,728 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/25 09:20:28 | 000,154,632 | ---- | M] (Virgin Media) [Auto | Running] -- C:\Program Files\Virgin Media\Virgin Media Security\10.0.41.60198\RpsSecurityAwareR.exe -- (Radialpoint Security Services)
SRV - [2012/03/07 11:59:20 | 010,294,584 | ---- | M] (Radialpoint SafeCare Inc.) [Auto | Running] -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe -- (ServicepointService)
SRV - [2011/04/22 13:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011/03/23 14:12:58 | 001,406,264 | ---- | M] (Virgin Media) [Auto | Running] -- C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe -- (HsdService)
SRV - [2010/06/19 02:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/05/20 16:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/01/04 12:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Virgin Media\Security\BitDefender\trufos.sys -- (Trufos)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Virgin Media\Security\BitDefender\profos.sys -- (Profos)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2012/08/06 20:23:46 | 000,228,376 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_42020.sys -- (RapportCerberus_42020)
DRV - [2012/07/29 20:52:38 | 000,166,840 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2012/07/29 20:52:38 | 000,071,480 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2012/07/29 20:52:38 | 000,065,848 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2011/12/20 03:46:50 | 000,021,504 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2010/09/17 22:14:16 | 000,189,520 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2010/09/17 22:14:16 | 000,092,112 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2010/09/17 22:14:16 | 000,080,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2010/09/17 22:14:16 | 000,064,080 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2010/07/14 12:51:56 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2010/05/20 16:27:26 | 001,961,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VX3000.sys -- (VX3000)
DRV - [2010/03/02 20:04:59 | 000,390,528 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\RapportBuka.sys -- (RapportBuka)
DRV - [2009/09/02 04:09:24 | 000,176,128 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/08/05 03:18:24 | 000,551,424 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2009/07/21 11:39:32 | 000,576,896 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2009/02/02 19:59:28 | 000,020,848 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\PC-Doctor for Windows\pcdsrvc.pkms -- (PCDSRVC{4F253FFC-7957E8FC-06000000}_0)
DRV - [2008/08/12 09:02:06 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2006/11/10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
DRV - [2004/02/18 23:12:00 | 000,299,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snpstd.sys -- (snpstd)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.maxiwe.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox...aspx?tbid=80135
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox...aspx?tbid=80135
IE - HKLM\..\URLSearchHook: {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {3303e956-2a3a-48e0-be39-2e0ef11a2f44} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{807C63AC-64F7-4D52-A45C-44D99BFD78F8}: "URL" = http://uk.kelkoopart...tnerId=96913936
IE - HKLM\..\SearchScopes\{99B48323-27E4-4A2E-B8B8-000EEA94868A}: "URL" = http://uk.search.yah...p06&type=ie2008
IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT1419405
IE - HKLM\..\SearchScopes\{F98FCB4C-2A34-44F8-AE62-925934CFFE17}: "URL" = http://slirsredirect...hpcndtie7-en-gb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.msn.com/?ocid=ie9fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 40 F2 C7 99 7A 1F CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No CLSID value found
IE - HKCU\..\URLSearchHook: {4adc4b13-b4c2-4946-835e-c5f61fa9d8bf} - No CLSID value found
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKCU\..\URLSearchHook: {f897eb0e-a3a4-46c3-80eb-2729699d8892} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {8DEE28BA-F551-4326-B23D-1BB4D1BD28F2}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000002421b04103
IE - HKCU\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.c...rms}&tbid=60180
IE - HKCU\..\SearchScopes\{1F3DECD4-3DB4-484B-8D94-5CFCD55D6E55}: "URL" = http://www.google.co...&rlz=1I7SKPB_en
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7SKPB_en
IE - HKCU\..\SearchScopes\{807C63AC-64F7-4D52-A45C-44D99BFD78F8}: "URL" = http://uk.kelkoopart...tnerId=96913936
IE - HKCU\..\SearchScopes\{8A694610-1A38-4B8B-BA53-83AF85F7CCE2}: "URL" = http://fruttisearch....q={SearchTerms}
IE - HKCU\..\SearchScopes\{8DEE28BA-F551-4326-B23D-1BB4D1BD28F2}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{99B48323-27E4-4A2E-B8B8-000EEA94868A}: "URL" = http://uk.search.yah...p06&type=ie2008
IE - HKCU\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT1419405
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox...id=80135&lng=en
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6R89rF9eVn&i=26
IE - HKCU\..\SearchScopes\{F20C2A77-2FA7-4745-9BD9-8EEDFE8A6E53}: "URL" = http://websearch.ask...BA-62381717502F
IE - HKCU\..\SearchScopes\{F98FCB4C-2A34-44F8-AE62-925934CFFE17}: "URL" = http://slirsredirect...hpcndtie7-en-gb
IE - HKCU\..\SearchScopes\Yahoo!: "URL" = http://uk.search.yah...30,17152,0,18,0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.defaulturl: "http://uk.search.yah...fr=ytff-tyc&p="
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-tyc"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-tyc"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://mystart.incre...R89rF9eVn&i=26"
FF - prefs.js..keyword.URL: "http://mystart.incre...&&i=26&search="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.CouponAlert_2p.com/Plugin: C:\Program Files\CouponAlert_2pEI\Installr\1.bin\NP2pEISB.dll (CouponAlert)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files\Virgin Media\Service Manager\nprpspa.dll (Virgin Media)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\todd\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AutocompletePro\[email protected] [2010/02/08 21:59:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4bcdbfd0-fa26-11de-8a39-0800200c9a66}: C:\Users\todd\AppData\Roaming\Mozilla\FireFox\{4bcdbfd0-fa26-11de-8a39-0800200c9a66}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{5cea9a87-a3a5-4c2a-b08d-8a1876d4931c}: C:\Users\todd\AppData\Roaming\Mozilla\FireFox\{5cea9a87-a3a5-4c2a-b08d-8a1876d4931c}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1091\firefoxextension\ [2012/08/11 08:44:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/22 20:24:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/15 22:17:03 | 000,000,000 | ---D | M]

[2009/11/18 19:37:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\todd\AppData\Roaming\Mozilla\Extensions
[2009/10/06 11:39:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\todd\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/08/21 22:19:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\extensions
[2011/07/15 19:55:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2010/05/28 06:39:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/16 21:14:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\extensions\{3191E4CE-790E-42be-B2E0-223475263B7E}
[2010/03/09 22:20:22 | 000,000,000 | ---D | M] (Power Karaoke Toolbar) -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\extensions\{3303e956-2a3a-48e0-be39-2e0ef11a2f44}
[2011/06/17 20:54:08 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
[2010/04/02 20:22:05 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/12/23 22:14:46 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2012/07/28 10:39:00 | 000,000,000 | ---D | M] (SmileBox EN Community Toolbar) -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\extensions\{f897eb0e-a3a4-46c3-80eb-2729699d8892}
[2010/05/15 11:35:02 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\extensions\[email protected]
[2010/05/15 11:35:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\extensions\[email protected]
[2010/10/23 08:55:49 | 000,000,000 | ---D | M] (Default Manager) -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\extensions\[email protected]
[2010/12/23 22:14:47 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\extensions\[email protected]
[2011/09/10 15:06:50 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\extensions\[email protected]
[2012/04/27 17:58:26 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\extensions\[email protected]
[2012/05/17 21:49:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\extensions\[email protected]
[2011/07/15 19:55:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\extensions\staged-xpis
[2011/06/17 20:54:11 | 000,003,514 | ---- | M] () -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\searchplugins\ask.uk.xml
[2011/02/01 19:05:08 | 000,002,333 | ---- | M] () -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\searchplugins\askcom.xml
[2010/01/05 18:18:24 | 000,002,179 | ---- | M] () -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\searchplugins\inbox-search.xml
[2012/04/27 17:58:14 | 000,002,203 | ---- | M] () -- C:\Users\todd\AppData\Roaming\Mozilla\Firefox\Profiles\j2gqotb3.default\searchplugins\MyStart Search.xml
[2011/12/28 23:34:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/10 22:24:55 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/05/17 17:10:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/09 16:57:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/19 16:51:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/15 14:07:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/09 07:44:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/19 20:37:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/10/20 22:28:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2010/10/12 16:33:32 | 000,124,344 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll
[2010/10/12 16:37:06 | 000,070,592 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2010/10/12 16:35:42 | 000,091,576 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2010/10/12 16:34:56 | 000,022,464 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2009/11/06 17:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/10/12 18:16:54 | 000,484,768 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2009/11/06 17:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/10/12 16:37:02 | 000,024,000 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2011/12/27 12:48:13 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/03/07 18:26:52 | 000,002,309 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/12/27 12:48:13 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/12/27 12:48:13 | 000,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/12/27 12:48:13 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = http://www.bing.com/...q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.bing.com/...uage={language}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Client Gateway 4.1.18 (Enabled) = C:\Users\todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmmhpfbhngkongobaoibpmnijjokabmj\1.0_0\nprpspa.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin8.dll
CHR - plugin: Coupon Alert Installer Plugin Stub (Enabled) = C:\Program Files\CouponAlert_2pEI\Installr\1.bin\NP2pEISB.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Trend Micro Titanium (Enabled) = C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\todd\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Complitly plugin for chrome = C:\Users\todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk\1.1_0\
CHR - Extension: 1Click Downloader = C:\Users\todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh\1.2_0\
CHR - Extension: 1Click Downloader = C:\Users\todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Radialpoint SPD Extension = C:\Users\todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmmhpfbhngkongobaoibpmnijjokabmj\1.0_0\
CHR - Extension: Gmail = C:\Users\todd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2011/07/25 11:26:10 | 000,000,759 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (ActiveCollectorPluginBHO Class) - {07202B0D-149C-4568-90DF-ACC2B4057809} - C:\Program Files\NetNucleous\ActiveCollector\ActiveCollectorPlugin.dll (NetNucleus Inc.)
O2 - BHO: (Shareaza Web Download Hook) - {0EEDB912-C5FA-486F-8334-57288578C627} - Reg Error: Value error. File not found
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\todd\AppData\Roaming\Complitly\AutocompletePro.dll (SimplyGen)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1091\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (P2P Energy Toolbar) - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P0.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {3303e956-2a3a-48e0-be39-2e0ef11a2f44} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (P2P Energy Toolbar) - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {3303e956-2a3a-48e0-be39-2e0ef11a2f44} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Tango) - {BB783C20-367C-4F25-AB74-3C7F038D3266} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (P2P Energy Toolbar) - {2BAE58C2-79F9-45D1-A286-81F911301C3A} - C:\Program Files\P2P_Energy\tbP2P0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Tango) - {BB783C20-367C-4F25-AB74-3C7F038D3266} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ServiceManager.exe] C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe (Virgin Media)
O4 - HKLM..\Run: [snpstd] C:\Windows\vsnpstd.exe ()
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Virgin Media Security] C:\Program Files\Virgin Media\Virgin Media Security\10.0.41.60198\RPS.exe (Virgin Media)
O4 - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ActiveCollector] C:\Program Files\NetNucleous\ActiveCollector\ActiveCollector.exe ()
O4 - HKCU..\Run: [BitTorrent] C:\Program Files\BitTorrent\bittorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [LonelyWalker] C:\Program Files\NetNucleous\ActiveCollector\ACRecover.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: easyjetairline.com ([access] https in Trusted sites)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{80942D6C-F514-4178-9851-6A33B3F6B7BC}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1091\TmIEPlg.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Desert Landscape.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Desert Landscape.jpg
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.)
O28 - HKLM ShellExecuteHooks: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/31 15:42:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/08/31 15:22:59 | 000,000,000 | ---D | C] -- C:\Users\todd\AppData\Local\Temp
[2012/08/31 15:22:43 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/08/21 15:03:12 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2012/08/20 09:27:06 | 000,000,000 | ---D | C] -- C:\Users\todd\AppData\Local\Microsoft Corporation
[2012/08/20 09:14:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
[2012/08/15 10:54:44 | 000,000,000 | ---D | C] -- C:\Users\todd\AppData\Local\Macromedia
[2012/08/13 12:29:13 | 000,000,000 | ---D | C] -- C:\Users\todd\Incomplete
[2012/08/11 09:03:33 | 000,000,000 | ---D | C] -- C:\Users\todd\AppData\Roaming\{{userdatapath.company}}
[2012/08/11 08:30:53 | 000,092,112 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmtdi.sys
[2012/08/11 08:28:43 | 000,189,520 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys
[2012/08/11 08:28:43 | 000,064,080 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmevtmgr.sys
[2012/08/11 08:28:42 | 000,080,464 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmactmon.sys
[2012/08/11 08:27:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2012/08/11 08:25:07 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/08/10 12:41:41 | 000,000,000 | ---D | C] -- C:\Program Files\CouponAlert_2pEI
[2011/06/17 20:53:43 | 000,462,112 | ---- | C] (How Inc.) -- C:\Program Files\Common Files\ZugoInstaller.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Windows\System32\
[2012/08/31 20:17:52 | 000,001,937 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/08/31 20:17:52 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/31 20:10:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/31 19:22:52 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/31 19:22:52 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/31 18:00:00 | 000,000,466 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Registration3.job
[2012/08/31 17:39:06 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFortodd.job
[2012/08/31 15:42:08 | 000,001,921 | ---- | M] () -- C:\Users\todd\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/31 15:23:02 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/31 15:23:02 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2012/08/31 15:22:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/31 15:22:40 | 3209,879,552 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/31 15:21:12 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Pro_sch_E2CA48D0-D959-11E1-96C3-002421B04103.job
[2012/08/23 20:00:00 | 000,000,418 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - todd - Full System Scan.job
[2012/08/21 14:00:40 | 000,003,247 | ---- | M] () -- C:\Users\todd\.swfinfo
[2012/08/20 09:14:51 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\Windows 7 Upgrade Advisor.lnk
[2012/08/13 12:48:37 | 000,623,606 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/08/13 12:48:37 | 000,113,394 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/08/11 13:11:26 | 000,102,400 | ---- | M] () -- C:\Windows\RegBootClean.exe
[2012/08/11 08:43:31 | 000,002,093 | ---- | M] () -- C:\Users\Public\Desktop\Virgin Media Security.lnk
[2012/08/07 19:00:18 | 000,000,456 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2012/08/07 08:54:21 | 000,031,230 | ---- | M] () -- C:\Users\todd\AppData\Roaming\wklnhst.dat
[2012/08/07 08:39:28 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\AcPro Daily Update.job
[2012/08/04 20:53:06 | 000,247,296 | ---- | M] () -- C:\Users\todd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/03 17:37:04 | 000,000,770 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

File not found -- C:\Windows\System32\
[2012/08/31 15:42:08 | 000,001,937 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/08/31 15:42:08 | 000,001,921 | ---- | C] () -- C:\Users\todd\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/20 09:14:51 | 000,001,962 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
[2012/08/20 09:14:51 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\Windows 7 Upgrade Advisor.lnk
[2012/08/12 12:50:21 | 003,725,633 | ---- | C] () -- C:\Users\todd\Desktop\03 - Florence And The Machine - I'm Not Calling You A Liar.mp3
[2012/08/11 12:23:26 | 000,102,400 | ---- | C] () -- C:\Windows\RegBootClean.exe
[2012/08/11 08:43:31 | 000,002,093 | ---- | C] () -- C:\Users\Public\Desktop\Virgin Media Security.lnk
[2012/07/24 07:01:28 | 000,000,804 | ---- | C] () -- C:\Users\todd\AppData\Local\{a0505522-4962-0f27-9772-91087c9998c8}\L\[email protected]
[2012/07/23 23:11:20 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{a0505522-4962-0f27-9772-91087c9998c8}\L\[email protected]
[2012/07/07 16:34:28 | 000,003,247 | ---- | C] () -- C:\Users\todd\.swfinfo
[2011/12/29 15:47:15 | 000,303,104 | ---- | C] () -- C:\Windows\emunist.exe
[2011/12/29 15:47:10 | 000,001,723 | ---- | C] () -- C:\Windows\TVEpaDrv.ini
[2011/09/27 18:08:21 | 001,368,433 | ---- | C] () -- C:\Users\todd\WeightWatchers_FavoriteFamilyMeals2.pdf
[2011/06/16 06:50:59 | 000,000,376 | ---- | C] () -- C:\Users\todd\Documents - Shortcut.lnk
[2011/05/02 23:30:50 | 001,144,147 | ---- | C] () -- C:\Windows\System32\ffmpegmt.dll
[2011/05/02 23:27:54 | 003,935,545 | ---- | C] () -- C:\Windows\System32\ffmpeg.dll
[2011/05/02 21:23:46 | 000,324,096 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2011/05/02 21:19:34 | 000,100,352 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2011/05/02 21:19:20 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/03/18 22:32:44 | 000,163,840 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2011/03/18 22:29:56 | 000,181,248 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2011/03/18 22:28:30 | 001,557,504 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2011/03/18 22:27:08 | 000,178,688 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2011/03/18 22:26:44 | 000,484,864 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2011/03/18 22:25:38 | 000,257,024 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2011/03/18 22:25:24 | 000,141,312 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2011/03/03 12:40:08 | 000,150,528 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2011/03/03 12:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll
[2011/03/03 12:39:46 | 000,141,824 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2011/03/03 12:39:34 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2011/03/03 12:39:02 | 000,113,152 | ---- | C] () -- C:\Windows\System32\dsmux.exe
[2011/03/03 12:38:54 | 000,154,112 | ---- | C] () -- C:\Windows\System32\ts.dll
[2011/03/03 12:38:40 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2011/03/03 12:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll
[2011/03/03 12:38:04 | 000,137,728 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe
[2011/03/03 12:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll
[2011/03/03 12:37:40 | 000,358,400 | ---- | C] () -- C:\Windows\System32\gdsmux.exe
[2011/03/03 12:35:32 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2011/03/03 12:35:26 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2011/02/22 20:39:04 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/02/22 20:37:30 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/02/03 20:40:15 | 000,000,680 | ---- | C] () -- C:\Users\todd\AppData\Local\d3d9caps.dat
[2010/12/07 19:17:01 | 000,000,235 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010/10/08 17:20:33 | 000,000,256 | ---- | C] () -- C:\Windows\System32\pool.bin
[2010/07/23 21:58:01 | 000,139,152 | ---- | C] () -- C:\Users\todd\AppData\Roaming\PnkBstrK.sys
[2010/02/15 20:38:06 | 000,075,580 | ---- | C] () -- C:\Users\todd\ffdshow.reg
[2010/01/11 22:30:59 | 000,017,089 | ---- | C] () -- C:\Users\todd\AppData\Roaming\UserTile.png
[2009/10/24 16:53:13 | 000,000,600 | ---- | C] () -- C:\Users\todd\PUTTY.RND
[2009/10/14 19:53:05 | 000,000,192 | ---- | C] () -- C:\Users\todd\AppData\Roaming\burnaware.ini
[2009/10/13 10:12:50 | 016,015,971 | ---- | C] () -- C:\Users\todd\AppData\Roaming\hd-video-converter.exe
[2009/10/11 17:56:41 | 000,031,230 | ---- | C] () -- C:\Users\todd\AppData\Roaming\wklnhst.dat
[2009/10/06 21:27:32 | 000,247,296 | ---- | C] () -- C:\Users\todd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2010/02/08 20:40:30 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\AnvSoft
[2011/09/10 15:06:15 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\Babylon
[2010/01/25 20:41:04 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2012/08/31 20:42:10 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\BitTorrent
[2009/11/18 19:55:13 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\BitZipper
[2012/06/02 19:33:30 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\calibre
[2011/11/03 13:09:25 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/06/17 20:54:00 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\Complitly
[2012/07/28 10:12:39 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\DriverCure
[2011/11/03 13:20:17 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\Dropbox
[2010/02/19 21:06:48 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\EPSON
[2010/04/19 16:08:27 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\Facebook
[2010/01/15 21:43:01 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\GetRightToGo
[2010/12/05 18:40:38 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\HandBrake
[2012/04/22 21:26:58 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\HMRC
[2012/07/28 10:39:07 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\ICAClient
[2009/10/14 20:10:13 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\ImTOO Software Studio
[2009/12/09 17:54:32 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\IObit
[2012/03/08 17:42:21 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\Nbt
[2012/03/07 18:25:37 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\NetNucleous
[2010/02/11 20:51:59 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\Nokia
[2009/12/11 22:09:18 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\Nokia Ovi Suite
[2011/01/04 00:30:45 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\Opera
[2012/07/24 10:36:55 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\Outlook
[2009/10/19 21:41:01 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\PC Suite
[2012/08/31 15:38:13 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\Radialpoint
[2012/07/01 20:42:19 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\Seas0nPass
[2012/05/07 16:57:56 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\Smilebox
[2012/07/28 10:12:39 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\SpeedyPC Software
[2009/10/11 17:56:52 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\Template
[2010/07/02 19:55:20 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\Thinstall
[2009/10/06 11:39:26 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\TomTom
[2009/12/05 18:21:31 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\Trusteer
[2012/08/11 08:13:34 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\Virgin Media
[2011/07/29 14:59:49 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\Visan
[2009/10/01 21:37:50 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\WildTangent
[2009/10/02 19:29:29 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\WinBatch
[2012/08/31 15:20:19 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\WinMX Music
[2012/08/31 15:20:19 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\XBMC
[2011/09/19 21:27:00 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\_MDLogs
[2012/08/11 09:03:33 | 000,000,000 | ---D | M] -- C:\Users\todd\AppData\Roaming\{{userdatapath.company}}
[2012/08/07 08:39:28 | 000,000,322 | ---- | M] () -- C:\Windows\Tasks\AcPro Daily Update.job
[2012/08/31 15:23:02 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2012/07/29 09:39:08 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\ErrorEND.job
[2012/08/07 19:00:18 | 000,000,456 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2012/08/31 15:21:38 | 000,032,644 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/08/31 15:21:12 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\SpeedyPC Pro_sch_E2CA48D0-D959-11E1-96C3-002421B04103.job
[2012/08/31 18:00:00 | 000,000,466 | ---- | M] () -- C:\Windows\Tasks\SpeedyPC Registration3.job
[2012/07/28 10:42:46 | 000,000,438 | ---- | M] () -- C:\Windows\Tasks\SpeedyPC Update Version3.job

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2009/12/05 15:27:28 | 000,000,036 | ---- | M] ()(C:\Windows\System32\????????????????????????????????????g) -- C:\Windows\System32\㩃停潲牧浡䘠汩獥噜物楧牂慯扤湡層䍐畧牡層慓敦潃湮捥屴潃普杩塜楖睥挮湯楦g
[2009/12/05 15:27:28 | 000,000,036 | ---- | C] ()(C:\Windows\System32\????????????????????????????????????g) -- C:\Windows\System32\㩃停潲牧浡䘠汩獥噜物楧牂慯扤湡層䍐畧牡層慓敦潃湮捥屴潃普杩塜楖睥挮湯楦g

========== Alternate Data Streams ==========

@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:661DFA1C

< End of report >
one ,thanks tony
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi lets remove this infection for you

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image

    :Files
    C:\Users\todd\AppData\Local\{a0505522-4962-0f27-9772-91087c9998c8}
    C:\Windows\Installer\{a0505522-4962-0f27-9772-91087c9998c8}
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

NEXT

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that

FINALLY

run farbar service scanner

Posted Image

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.
  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP