Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Help Required [Closed]

Started by worldofshinty , Sep 30 2012 03:14 AM

  • Please log in to reply

#1
worldofshinty
Posted 30 September 2012 - 03:14 AM

worldofshinty

    Member

  • Member
  • PipPip
  • 27 posts
Hi was redirected to here from this topic

any help would be great, not sure what else to post

followed instructions in recent advice and currently i have lost 1.1gb overnight (Scotland Time)

I have attached the OTL results

OTL logfile created on: 30/09/2012 09:22:16 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jon\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1013.57 Mb Total Physical Memory | 246.06 Mb Available Physical Memory | 24.28% Memory free
3.88 Gb Paging File | 2.21 Gb Available in Paging File | 56.82% Paging File free
Paging file location(s): c:\pagefile.sys 3000 3000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.69 Gb Total Space | 42.96 Gb Free Space | 38.47% Space Free | Partition Type: NTFS
Drive D: | 111.43 Gb Total Space | 107.37 Gb Free Space | 96.36% Space Free | Partition Type: NTFS
Drive H: | 1.90 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LIVINGROOM | User Name: jon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/30 09:21:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jon\Downloads\OTL (1).exe
PRC - [2012/09/07 11:07:12 | 001,677,144 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2012/09/07 11:07:12 | 000,976,728 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2012/08/28 15:38:22 | 000,598,032 | ---- | M] (Soluto) -- C:\Program Files\Soluto\SolutoService.exe
PRC - [2012/08/21 10:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/08/21 10:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/06/14 09:41:16 | 006,320,360 | ---- | M] () -- C:\Program Files\Auslogics\Auslogics Registry Fixer\RegistryFixer.exe
PRC - [2012/03/12 10:57:20 | 000,133,280 | ---- | M] (Intel Corporation) -- C:\Windows\System32\IPROSetMonitor.exe
PRC - [2011/08/05 10:15:40 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
PRC - [2011/06/14 17:35:02 | 000,201,080 | ---- | M] (Telefónica) -- C:\Program Files\O2\Connection Manager\ImpWiFiSvc.exe
PRC - [2011/03/14 16:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
PRC - [2011/03/14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/07/03 19:40:10 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/04/17 02:48:12 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2007/04/06 23:10:56 | 000,223,704 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
PRC - [2007/02/12 19:46:34 | 000,208,896 | ---- | M] () -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/25 10:42:58 | 000,460,312 | ---- | M] () -- C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppgooglenaclpluginchrome.dll
MOD - [2012/09/25 10:42:57 | 012,278,808 | ---- | M] () -- C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
MOD - [2012/09/25 10:42:55 | 004,005,912 | ---- | M] () -- C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
MOD - [2012/09/25 10:41:39 | 000,578,072 | ---- | M] () -- C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\libglesv2.dll
MOD - [2012/09/25 10:41:38 | 000,123,416 | ---- | M] () -- C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\libegl.dll
MOD - [2012/09/25 10:41:27 | 000,156,712 | ---- | M] () -- C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\avutil-51.dll
MOD - [2012/09/25 10:41:26 | 000,275,496 | ---- | M] () -- C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\avformat-54.dll
MOD - [2012/09/25 10:41:24 | 002,168,360 | ---- | M] () -- C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll
MOD - [2012/08/21 18:18:44 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2012/06/14 09:41:16 | 006,320,360 | ---- | M] () -- C:\Program Files\Auslogics\Auslogics Registry Fixer\RegistryFixer.exe
MOD - [2012/05/31 13:31:38 | 000,520,464 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportMS.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Windows\system32\nagasoft\vjocx.dll -- (vvdsvc)
SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - [2012/09/14 23:38:44 | 000,024,576 | ---- | M] (Realtek Semiconductor.) [Auto | Stopped] -- C:\Program Files\Realtek\Audio\SetupAfterRebootService.exe -- (SetupARService)
SRV - [2012/09/07 11:07:12 | 000,976,728 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2012/08/28 15:38:22 | 000,598,032 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV - [2012/08/21 10:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/08/15 17:00:29 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/12 10:57:20 | 000,133,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\System32\IPROSetMonitor.exe -- (Intel®
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/06/14 17:35:02 | 000,201,080 | ---- | M] (Telefónica) [Auto | Running] -- C:\Program Files\O2\Connection Manager\ImpWiFiSvc.exe -- (TGCM_ImportWiFiSvc)
SRV - [2011/03/14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2010/06/25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2010/02/19 20:31:44 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2009/09/22 22:31:56 | 000,856,064 | ---- | M] () [On_Demand | Stopped] -- C:\Users\jon\AppData\Local\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2009/09/15 21:29:04 | 000,057,640 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)
SRV - [2009/09/15 21:28:52 | 000,204,848 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (HotspotShieldService)
SRV - [2009/09/15 21:04:58 | 000,331,824 | ---- | M] (AnchorFree Inc.) [On_Demand | Stopped] -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2009/05/25 11:41:40 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 08:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/19 08:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/07/03 19:40:10 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007/06/22 02:33:20 | 000,269,448 | ---- | M] (CyberLink) [On_Demand | Stopped] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2007/06/21 08:04:40 | 000,269,432 | ---- | M] (CyberLink) [On_Demand | Stopped] -- C:\Program Files\Acer Arcade Live\Acer TV Share\Kernel\DMSTV\CLMSServer.exe -- (Acer TV Share Service)
SRV - [2007/04/26 00:34:30 | 000,457,512 | ---- | M] (HiTRSUT) [On_Demand | Stopped] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/04/17 02:48:12 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2007/04/06 23:10:56 | 000,223,704 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService)
SRV - [2007/04/06 23:10:22 | 000,272,856 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe -- (QualityManager)
SRV - [2007/04/06 23:10:08 | 000,449,496 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service)
SRV - [2007/04/06 23:08:58 | 000,158,168 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL)
SRV - [2007/04/06 23:08:36 | 000,036,312 | R--- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\tools\IntelDHSvcConf.exe -- (IntelDHSvcConf)
SRV - [2007/04/06 23:08:24 | 000,039,896 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe -- (DHTRACE)
SRV - [2007/04/06 23:08:14 | 000,059,352 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe -- (ISSM)
SRV - [2007/04/06 23:07:46 | 000,313,816 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe -- (NMSCore)
SRV - [2007/04/06 23:06:48 | 000,256,472 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server)
SRV - [2007/02/12 19:46:34 | 000,208,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - File not found [File_System | On_Demand | Stopped] -- system32\DRIVERS\vproiah.sys -- (vproiah)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\splitcam.sys -- (SPLITCAM)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (pgfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0E0ED7A7-AAA9-4657-B0B1-904E89A391BE}\MpKsl5c79636f.sys -- (MpKsl5c79636f)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\JakNDis.sys -- (JakNDisMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\TEMP\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (cpuz130)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\jon\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ag623qwq)
DRV - [2012/09/07 11:07:30 | 000,071,480 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2012/09/07 11:07:30 | 000,065,848 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2012/09/07 11:07:28 | 000,166,840 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2012/08/28 15:32:58 | 000,051,144 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Soluto.sys -- (Soluto)
DRV - [2012/08/21 10:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/08/21 10:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/08/21 10:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/08/21 10:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/08/21 10:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/08/21 10:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/08/07 01:55:09 | 000,228,376 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_42020.sys -- (RapportCerberus_42020)
DRV - [2012/05/31 13:31:38 | 000,021,520 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Running] -- c:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportIaso.sys -- (RapportIaso)
DRV - [2012/03/07 03:07:00 | 000,231,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2011/10/24 09:31:36 | 000,239,488 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2011/09/09 04:50:10 | 000,073,984 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2011/08/16 10:17:20 | 000,195,200 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011/05/26 16:03:56 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2011/05/26 16:03:50 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/07/27 02:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010/06/25 18:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2009/09/15 21:04:58 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hssdrv.sys -- (HssDrv)
DRV - [2009/05/25 11:26:02 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009/04/11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009/02/24 19:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009/02/22 00:00:40 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008/07/29 04:45:00 | 000,904,192 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)
DRV - [2008/03/11 14:14:54 | 000,941,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CamthWDM.sys -- (CAMTHWDM)
DRV - [2008/01/23 22:25:32 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tapvpn.sys -- (tapvpn)
DRV - [2007/12/28 16:28:26 | 000,005,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntelDH.sys -- (IntelDH)
DRV - [2007/07/03 03:05:20 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2007/04/06 23:10:40 | 000,014,808 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\tshwmdtcp.sys -- (TSHWMDTCP)
DRV - [2007/02/19 05:34:50 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\nmsunidr.sys -- (nmsunidr)
DRV - [2006/08/03 07:30:48 | 000,856,832 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\averm115s.sys -- (AVerM115S)
DRV - [2006/06/27 09:56:50 | 000,031,872 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\superwebcam.sys -- (SUPERWEBCAM)
DRV - [2005/08/17 08:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005/08/17 08:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/08/17 08:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2000/01/01 01:00:00 | 000,407,552 | ---- | M] (YUAN High-Tech Development Co. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OmniTV.sys -- (OmniTV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{86821B91-1D60-4582-A875-87E510152187}: "URL" = http://startsear.ch/...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 36 DC C4 E1 51 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {AC854C16-CA1E-43f1-8513-0D2F36C726ED}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ferrer:source?}
IE - HKCU\..\SearchScopes\{2CB45D92-D064-48DC-8CA7-7AEBF8A1B1F2}: "URL" = http://uk.search.yah...Terms}&fr=yessv
IE - HKCU\..\SearchScopes\{4278BA6D-0392-40EA-B067-46DEC64791DC}: "URL" = http://delicious.com...p={searchTerms}
IE - HKCU\..\SearchScopes\{5B0E33EE-E368-469E-9661-3F67908D046B}: "URL" = http://uk.search.yah...Terms}&fr=yessv
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKCU\..\SearchScopes\{6B720DE3-8DA1-4E00-82E6-6AF5B9385850}: "URL" = http://uk.search.yah...Terms}&fr=yessv
IE - HKCU\..\SearchScopes\{7BAEEBC3-D399-4F1F-8D69-B3FDE26A7741}: "URL" = http://www.flickr.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{7EBB6A63-2222-4B58-9F81-F758265B2FFB}: "URL" = http://uk.search.yah...Terms}&fr=yessv
IE - HKCU\..\SearchScopes\{86821B91-1D60-4582-A875-87E510152187}: "URL" = http://startsear.ch/...q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....sa&d=2012-07-21 12:24:35&v=12.1.0.20&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{AC854C16-CA1E-43f1-8513-0D2F36C726ED}: "URL" = http://www.offos.com...=t&rls=KaBnukC1
IE - HKCU\..\SearchScopes\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54}: "URL" = http://search.hotspo...q={searchTerms}
IE - HKCU\..\SearchScopes\{CA7583B9-2E6F-457A-8DBA-3B02EA2BD563}: "URL" = http://uk.search.yah...p={searchTerms}
IE - HKCU\..\SearchScopes\{D08C9D67-DE87-47E0-B49A-9DB43C843A9B}: "URL" = http://uk.news.searc...Terms}&fr=yessv
IE - HKCU\..\SearchScopes\{D40C110C-78CB-423E-B4F1-00AC67E8DF75}: "URL" = http://uk.local.yaho...ML&cs=&fr=yessv
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://uk.search.yah...Terms}&fr=yessv
IE - HKCU\..\SearchScopes\{F69A7FE7-1AF5-45B1-9E25-BA546E3B1823}: "URL" = http://shopping.yaho...Terms}&fr=yessv
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...FORM=VE3D01&q="
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "GoogIe"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "chrome://foxtab/content/homepage.html"
FF - prefs.js..extensions.enabledAddons: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1
FF - prefs.js..extensions.enabledAddons: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.7.0.6
FF - prefs.js..extensions.enabledAddons: [email protected]:1.12.3.50136
FF - prefs.js..extensions.enabledAddons: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..extensions.enabledAddons: [email protected]:3.2
FF - prefs.js..extensions.enabledAddons: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.4
FF - prefs.js..extensions.enabledAddons: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..extensions.enabledAddons: [email protected]:7.0.1466
FF - prefs.js..extensions.enabledItems: [email protected]:1.12.0.36605
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2b}:1.1.12
FF - prefs.js..extensions.enabledItems: [email protected]:2.22.1
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:5.0.31.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.7
FF - prefs.js..keyword.URL: "http://www.offos.com...ls=KaBnukC1&q="
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 9666

FF - user.js..browser.search.selectedEngine: "GoogIe"
FF - user.js..keyword.URL: "http://www.offos.com...ls=KaBnukC1&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Motive, Inc.)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.666: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.666: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.666: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@rsj.de/prodown: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\jon\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\jon\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\jon\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\jon\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/07/13 06:04:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/08/26 19:13:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/24 13:02:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/27 12:39:24 | 000,000,000 | ---D | M]

[2009/01/20 00:14:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jon\AppData\Roaming\Mozilla\Extensions
[2012/06/18 15:06:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions
[2010/12/17 23:44:36 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010/07/22 20:57:13 | 000,000,000 | ---D | M] (WindowsUpdate) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2b}
[2010/07/22 20:57:13 | 000,000,000 | ---D | M] (IE View) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
[2010/11/19 20:19:42 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(9)
[2011/10/15 21:11:43 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2010/07/22 20:57:13 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/09/19 14:05:16 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\[email protected]
[2010/09/04 12:07:50 | 000,000,000 | ---D | M] (FIFA Online Web Launcher) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\[email protected]
[2011/10/18 20:43:59 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\[email protected]
[2010/11/20 22:58:07 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\ietab@ip(8).cn
[2011/10/18 20:43:15 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\[email protected]
[2010/08/21 15:35:34 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\vshare@toolbar
[2011/10/18 20:43:29 | 000,413,408 | ---- | M] () (No name found) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
[2011/10/18 20:44:10 | 000,688,571 | ---- | M] () (No name found) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
[2010/09/27 22:22:36 | 000,001,820 | ---- | M] () -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\searchplugins\bing.xml
[2010/03/09 08:42:26 | 000,009,977 | ---- | M] () -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\searchplugins\mywebsearch.xml
[2011/07/11 19:04:02 | 000,000,633 | ---- | M] () -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\searchplugins\startsear.xml
[2009/05/27 13:25:20 | 000,000,358 | ---- | M] () -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\searchplugins\winamp-search.xml
[2012/08/27 12:39:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/16 18:31:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/07/28 20:55:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012/08/27 12:39:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/08/26 19:13:06 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/07/13 06:04:42 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2009/09/22 21:14:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/09/29 08:09:46 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/08/24 10:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2009/08/27 21:25:26 | 000,308,096 | ---- | M] (British Telecommunications Plc) -- C:\Program Files\mozilla firefox\plugins\npBTEmailConfig.dll
[2010/08/14 13:17:47 | 000,101,888 | ---- | M] (CounterPath Solutions, Inc.) -- C:\Program Files\mozilla firefox\plugins\NPEyeCheck.dll
[2008/09/15 11:52:06 | 000,376,832 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll
[2011/08/31 11:38:58 | 000,082,944 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2011/09/29 02:30:22 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/07/21 12:24:20 | 000,003,752 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2011/09/29 02:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/09/29 02:30:22 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/09/29 02:30:22 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/09/29 02:30:22 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\jon\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Users\jon\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll
CHR - plugin: vShare.tv plug-in (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npvsharetvplg.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Disabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Disabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Disabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: BitCometAgent (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
CHR - plugin: BT Broadband Support Tools (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npBTEmailConfig.dll
CHR - plugin: DivX Web Player (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: eyeCheck Plugin (Disabled) = C:\Program Files\Mozilla Firefox\plugins\NPEyeCheck.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Disabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Disabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Disabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Disabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Snapfish Plugin for Firefox (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll
CHR - plugin: getPlusPlus for Adobe 16263 (Disabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Motive Plugin (Disabled) = C:\Program Files\Common Files\Motive\npMotive.dll
CHR - plugin: Picasa (Disabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Disabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Disabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Veetle TV Player (Disabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle Broadcaster Plugin (Disabled) = C:\Program Files\Veetle\VLCBroadcast\npvbp.dll
CHR - plugin: Veetle TV Core (Disabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Disabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Disabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Disabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Unity Player (Disabled) = C:\Users\jon\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Plugin (Disabled) = C:\Users\jon\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Windows Presentation Foundation (Disabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Disabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: TVU Web Player for FireFox (Disabled) = C:\Windows\system32\TVUAx\npTVUAx.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Cooliris embedded in a tab (Disabled) = C:\Users\jon\AppData\Roaming\Mozilla\plugins\npcoolirisplugin.dll
CHR - Extension: avast! WebRep = C:\Users\jon\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\jon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: vshare plugin = C:\Users\jon\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\
CHR - Extension: Select All for Facebook = C:\Users\jon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofcnbnhefnmjancehemliplicihbcjjb\2.1_0\

O1 HOSTS File: ([2012/08/26 13:38:51 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (no name) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://www.vexcast.c...oad/vexcast.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B094F50-6606-439C-9055-1F18A54AAFBE}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll) - File not found
O24 - Desktop WallPaper: C:\Users\jon\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\jon\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/10/31 15:16:33 | 000,000,069 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/25 12:45:04 | 000,000,000 | ---D | C] -- C:\Users\jon\AppData\Roaming\Auslogics
[2012/09/24 13:53:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1
[2012/09/24 13:53:52 | 001,061,888 | ---- | C] (J.C. Kessels) -- C:\Windows\System32\MyDefragScreenSaver_v4.3.1.exe
[2012/09/24 13:53:51 | 000,475,648 | ---- | C] (J.C. Kessels) -- C:\Windows\System32\MyDefragScreenSaver_v4.3.1.scr
[2012/09/24 13:53:50 | 000,000,000 | ---D | C] -- C:\Program Files\MyDefrag v4.3.1
[2012/09/17 14:52:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/09/17 14:50:01 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/09/17 14:49:49 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012/09/16 15:16:33 | 000,000,000 | ---D | C] -- C:\Users\jon\AppData\Local\{8E03BC63-C685-4460-BFA8-D91AD2FB7DBC}
[2012/09/15 00:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012/09/14 23:59:38 | 000,407,552 | ---- | C] (YUAN High-Tech Development Co. Ltd.) -- C:\Windows\System32\drivers\OmniTV.sys
[2012/09/14 23:59:38 | 000,086,070 | ---- | C] (Open Source Software community project) -- C:\Windows\System32\pthreadVC2.dll
[2012/09/14 23:59:36 | 000,212,992 | ---- | C] (CyberLink) -- C:\Windows\System32\MCEMpgMux.ax
[2012/09/14 23:38:44 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012/09/14 23:31:07 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2012/09/14 23:07:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
[2012/09/14 23:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\SlimDrivers
[2012/09/07 11:07:30 | 000,065,848 | ---- | C] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[2012/06/18 22:49:41 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\jon\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/30 09:37:42 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1764936059-3530030765-371001843-1001UA.job
[2012/09/30 08:34:08 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/30 08:34:08 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/29 21:37:08 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1764936059-3530030765-371001843-1001Core.job
[2012/09/29 08:33:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/28 20:16:27 | 000,171,202 | ---- | M] () -- C:\Users\jon\Desktop\screen.jpg
[2012/09/28 00:50:56 | 000,001,998 | ---- | M] () -- C:\Users\jon\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/09/25 21:05:12 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/24 13:53:56 | 000,000,819 | ---- | M] () -- C:\Users\Public\Desktop\MyDefrag.lnk
[2012/09/21 13:13:24 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2012/09/17 14:18:53 | 000,000,628 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2012/09/16 22:17:47 | 000,000,228 | ---- | M] () -- C:\Users\jon\.swfinfo
[2012/09/16 15:52:17 | 000,072,704 | ---- | M] () -- C:\Users\jon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/14 08:13:16 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/13 21:35:41 | 000,538,186 | ---- | M] () -- C:\Windows\System32\cc_20120913_213512.reg
[2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/07 11:07:30 | 000,065,848 | ---- | M] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[2012/09/05 07:59:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/28 20:16:24 | 000,171,202 | ---- | C] () -- C:\Users\jon\Desktop\screen.jpg
[2012/09/24 13:53:56 | 000,000,819 | ---- | C] () -- C:\Users\Public\Desktop\MyDefrag.lnk
[2012/09/24 13:25:42 | 000,000,684 | ---- | C] () -- C:\Users\Public\Desktop\FMRTE v5.lnk
[2012/09/17 14:18:53 | 000,000,628 | ---- | C] () -- C:\Windows\System32\mapisvc.inf
[2012/09/14 23:09:02 | 000,000,382 | ---- | C] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2012/09/13 21:35:16 | 000,538,186 | ---- | C] () -- C:\Windows\System32\cc_20120913_213512.reg
[2012/08/24 13:26:50 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/06/18 22:49:41 | 000,087,608 | ---- | C] () -- C:\Users\jon\AppData\Roaming\inst.exe
[2012/06/18 22:49:41 | 000,007,887 | ---- | C] () -- C:\Users\jon\AppData\Roaming\pcouffin.cat
[2012/06/18 22:49:41 | 000,001,144 | ---- | C] () -- C:\Users\jon\AppData\Roaming\pcouffin.inf
[2011/10/22 14:49:57 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011/10/17 19:10:57 | 000,000,228 | ---- | C] () -- C:\Users\jon\.swfinfo
[2010/12/11 20:52:58 | 000,001,057 | ---- | C] () -- C:\Users\jon\AppData\Roaming\vso_ts_preview.xml
[2010/11/17 20:18:03 | 000,002,048 | ---- | C] () -- C:\Users\jon\AppData\Roaming\All Say Cheese Photobook Creator Prefs
[2010/09/04 12:02:33 | 000,139,152 | ---- | C] () -- C:\Users\jon\AppData\Roaming\PnkBstrK.sys
[2010/06/17 00:25:35 | 000,001,864 | -H-- | C] () -- C:\Users\jon\.picasa.ini
[2010/06/05 15:06:49 | 2306,415,061 | ---- | C] () -- C:\Users\jon\photos.rar
[2010/04/04 21:16:49 | 000,834,560 | ---- | C] () -- C:\Users\jon\ehthumbs_vista.db
[2010/03/24 18:10:12 | 000,012,166 | -HS- | C] () -- C:\Users\jon\AppData\Local\20xYJkS83BHk4
[2010/03/24 18:10:12 | 000,012,166 | -HS- | C] () -- C:\ProgramData\20xYJkS83BHk4
[2010/02/28 17:23:03 | 000,017,408 | ---- | C] () -- C:\Users\jon\AppData\Local\WebpageIcons.db
[2010/02/23 22:00:14 | 000,010,336 | -HS- | C] () -- C:\Users\jon\AppData\Local\Q744uX4
[2010/02/19 18:36:25 | 000,000,171 | ---- | C] () -- C:\Users\jon\AppData\Local\RAExpertHistory.xml
[2010/02/18 12:53:12 | 000,000,171 | ---- | C] () -- C:\Users\jon\AppData\Local\rahistory.xml
[2009/09/22 21:09:22 | 000,000,600 | ---- | C] () -- C:\Users\jon\PUTTY.RND
[2009/07/06 12:29:59 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/04/12 15:37:12 | 000,017,089 | ---- | C] () -- C:\Users\jon\AppData\Roaming\UserTile.png
[2009/04/02 22:10:23 | 000,005,892 | ---- | C] () -- C:\Users\jon\AppData\Local\d3d9caps.dat
[2009/02/15 01:31:50 | 000,072,704 | ---- | C] () -- C:\Users\jon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/10 22:10:29 | 000,004,594 | ---- | C] () -- C:\Users\jon\AppData\Roaming\wklnhst.dat
[2009/01/27 23:31:24 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt

========== ZeroAccess Check ==========

[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009/04/28 23:11:15 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\aerix
[2010/11/17 20:16:57 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\All Say Cheese Photobook Creator
[2012/06/18 15:07:12 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Amazon
[2011/08/13 19:04:20 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Apowersoft
[2010/12/19 00:23:43 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Ashampoo
[2012/09/25 15:01:44 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Auslogics
[2012/08/27 15:04:44 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\avidemux
[2011/08/20 11:25:46 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Azureus
[2011/12/23 14:40:36 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\BitComet
[2010/08/14 13:26:09 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\BT
[2012/03/18 18:09:04 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\DAEMON Tools
[2010/06/05 18:24:53 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Doctor Who
[2009/07/20 13:34:51 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\DonationCoder
[2012/09/29 08:37:49 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Dropbox
[2009/03/24 18:08:04 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\eSobi
[2009/08/03 15:53:40 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\EuroTalk
[2010/07/22 20:57:09 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Facebook
[2010/04/22 11:32:01 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\FlashGet
[2010/10/14 14:31:07 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\FreeAudioPack
[2010/12/05 16:51:18 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\FreeBurner
[2011/11/29 12:36:58 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\GetRightToGo
[2010/02/23 17:42:52 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\goalbit
[2009/07/20 13:25:30 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\GrabPro
[2010/08/17 21:48:21 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Hensense.com
[2010/11/09 21:48:37 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\ImgBurn
[2012/01/22 20:49:08 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\IObit
[2010/07/22 20:57:10 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\IrfanView
[2012/02/05 18:48:58 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Obvious Idea
[2011/10/22 14:46:11 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\OpenCandy
[2009/04/11 22:21:45 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\OpenOffice.org
[2009/02/04 00:09:09 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Opera
[2012/03/26 19:46:50 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Orbit
[2009/04/12 15:37:11 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\PeerNetworking
[2009/12/12 22:16:33 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Program Files
[2011/08/14 12:05:02 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\ProgSense
[2012/03/02 14:30:58 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\QuickScan
[2011/08/08 18:32:09 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Samsung
[2010/10/18 11:26:06 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Search Settings
[2012/08/27 09:30:09 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Skinux
[2009/06/20 18:11:30 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Snapfish
[2009/05/14 13:23:31 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\SolidDocuments
[2012/08/27 11:08:52 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Soluto
[2012/07/14 20:37:13 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Sports Interactive
[2012/09/28 22:06:13 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Spotify
[2009/04/04 14:31:57 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\StreamTorrent
[2010/07/22 20:57:15 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\SystemRequirementsLab
[2010/07/07 00:54:47 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Tatara Systems
[2012/05/31 12:50:12 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Telefónica
[2009/02/10 22:10:48 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Template
[2012/05/31 12:50:10 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\TGCMLog
[2010/12/12 13:31:55 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Trusteer
[2012/09/19 05:44:14 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\TuneUp Software
[2009/04/29 20:22:20 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\TVCatchup.F47A58FCBDA0B1DF5636B554101AB5C0E8252CDC.1
[2011/12/05 00:17:45 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Uniblue
[2011/07/28 21:01:50 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Unity
[2012/07/26 05:55:54 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Vso
[2012/02/22 11:32:35 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Vyoks
[2010/07/22 20:57:15 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Webcammax
[2010/08/17 21:43:08 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Wireshark
[2012/02/23 03:56:45 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Woiv

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 55838 bytes -> C:\ProgramData\Sports Interactive:$ES_DESCRIPTOR_MVPUV1PKSVXJKX69UK1CWPP0DTVNYKM1UVXPJCEPP4DMJ3K1XYE7LRJEM53EPPJCFPLP45168LPSB5PL0EM6REGXHCTVVVVVVVVVVVVV
@Alternate Data Stream - 162 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:9F683177
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:B9C96218
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:0D31DA45
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:1663E41B

< End of report >

Attached Files

  • Attached File  OTL.Txt   129.51KB   103 downloads

  • 0

Advertisements

#2
Amlak
Posted 30 September 2012 - 05:53 AM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Hi, worldofshinty.

Please try this while we await an expert approval of my next fix:

Download aswMBR.exe to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image
  • 0

#3
Amlak
Posted 30 September 2012 - 07:53 AM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Hi, worldofshinty. Do the above. Then proceed with the following:

Warning This fix is only relevant for this system and no other, using it on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot.

Also, if you have MalwareBytes' AntiMalware running in the background, please do disable it while you follow the instructions for the OTL fix right below.

Run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image

    :OTL
[2010/03/24 18:10:12 | 000,012,166 | -HS- | C] () -- C:\Users\jon\AppData\Local\20xYJkS83BHk4
[2010/03/24 18:10:12 | 000,012,166 | -HS- | C] () -- C:\ProgramData\20xYJkS83BHk4
[2010/02/23 22:00:14 | 000,010,336 | -HS- | C] () -- C:\Users\jon\AppData\Local\Q744uX4

:Commands
[EMPTYTEMP]
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, reboot the PC when it is done.
  • Post the log it produces in your next reply.

******
NEXT
******

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that

******
NEXT
******

Malwarebytes' Anti-Malware

  • Open Malwarebytes' Anti-Malware.
  • Select the Update tab.
  • Click Check for Updates.
  • After the update has been completed, select the Scanner tab.
  • Select Perform quick scan, then click on the Scan button.
  • When done, you will be prompted. Click OK, then click on Show Results.
  • Make sure all items are checked and click on Remove Selected.
  • If asked to restart the computer, please do so immediately.
  • Post the contents of the resultant log in your next reply. You can access the log in the Logs tab.

  • 0

#4
worldofshinty
Posted 30 September 2012 - 11:12 AM

worldofshinty

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts

Hi, worldofshinty.

Please try this while we await an expert approval of my next fix:

Download aswMBR.exe to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image



as requested

Attached Files


  • 0

#5
worldofshinty
Posted 30 September 2012 - 12:33 PM

worldofshinty

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts

Hi, worldofshinty. Do the above. Then proceed with the following:

Warning This fix is only relevant for this system and no other, using it on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot.

Also, if you have MalwareBytes' AntiMalware running in the background, please do disable it while you follow the instructions for the OTL fix right below.

Run OTL.

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image

    :OTL
[2010/03/24 18:10:12 | 000,012,166 | -HS- | C] () -- C:\Users\jon\AppData\Local\20xYJkS83BHk4
[2010/03/24 18:10:12 | 000,012,166 | -HS- | C] () -- C:\ProgramData\20xYJkS83BHk4
[2010/02/23 22:00:14 | 000,010,336 | -HS- | C] () -- C:\Users\jon\AppData\Local\Q744uX4

:Commands
[EMPTYTEMP]
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, reboot the PC when it is done.
  • Post the log it produces in your next reply.

******
NEXT
******

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that

******
NEXT
******

Malwarebytes' Anti-Malware

  • Open Malwarebytes' Anti-Malware.
  • Select the Update tab.
  • Click Check for Updates.
  • After the update has been completed, select the Scanner tab.
  • Select Perform quick scan, then click on the Scan button.
  • When done, you will be prompted. Click OK, then click on Show Results.
  • Make sure all items are checked and click on Remove Selected.
  • If asked to restart the computer, please do so immediately.
  • Post the contents of the resultant log in your next reply. You can access the log in the Logs tab.


adw attached

Attached Files


  • 0

#6
worldofshinty
Posted 30 September 2012 - 01:03 PM

worldofshinty

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
malware attached

Attached Files


  • 0

#7
Amlak
Posted 30 September 2012 - 06:38 PM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Ok, just to be sure what was cleared, do another quick scan with OTL and post the resultant log.
  • 0

#8
The Skeptic
Posted 30 September 2012 - 11:42 PM

The Skeptic

    Trusted Tech

  • Technician
  • 4,075 posts
Hi Amlak.

Just out of curiosity:

I am one of the helpers who took part in assisting worldofshinty in the OS forum. Did you find any problem with his computer?

I would appreciate a very short description of your finds, either positive or negative.


Regards

The Skeptic
  • 0

#9
Amlak
Posted 30 September 2012 - 11:59 PM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Hi, The Skeptic. I should confirm this first with the expert Essexboy but the following were of some concern on the malware side:

[2010/03/24 18:10:12 | 000,012,166 | -HS- | C] () -- C:\Users\jon\AppData\Local\20xYJkS83BHk4
[2010/03/24 18:10:12 | 000,012,166 | -HS- | C] () -- C:\ProgramData\20xYJkS83BHk4
[2010/02/23 22:00:14 | 000,010,336 | -HS- | C] () -- C:\Users\jon\AppData\Local\Q744uX4

I'll make sure it's clear of malware and then once that's done, I'll refer him back to you and you take care of the rest.

By the way, I see some Registry Fixer program (and other programs that are better off uninstalled) in there, but I'll leave this decision to you once I refer him back to you.
  • 0

#10
The Skeptic
Posted 01 October 2012 - 02:06 AM

The Skeptic

    Trusted Tech

  • Technician
  • 4,075 posts
Thanks.
  • 0

Advertisements

#11
The Skeptic
Posted 08 October 2012 - 01:20 AM

The Skeptic

    Trusted Tech

  • Technician
  • 4,075 posts
hi guys.

I follow this thread and I see no progress for about a week. We have put considerable efforts trying to solve the computers problems in the OS forum, but we cannot make any progress unless we know what's going on malwarewise.

It will be a pity to abandon the effort at this stage.


The Skeptic
  • 0

#12
Amlak
Posted 08 October 2012 - 03:06 AM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Well, there's nothing much I can do at this stage except wait for the user to respond. Unfortunately, it doesn't look like he'll be back anytime soon.
  • 0

#13
Essexboy
Posted 12 October 2012 - 02:42 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#14
worldofshinty
Posted 16 October 2012 - 08:01 AM

worldofshinty

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts

Ok, just to be sure what was cleared, do another quick scan with OTL and post the resultant log.


with the same script?
  • 0

#15
Amlak
Posted 16 October 2012 - 03:06 PM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Just click the Quick Scan button. No scripts needed.
  • 1
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP