Any help would be great, not sure what else to post.
Followed instructions in recent advice and currently I have lost 1.1 GB overnight (Scotland time).
I have attached the OTL results.
OTL logfile created on: 30/09/2012 09:22:16 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jon\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1013.57 Mb Total Physical Memory | 246.06 Mb Available Physical Memory | 24.28% Memory free
3.88 Gb Paging File | 2.21 Gb Available in Paging File | 56.82% Paging File free
Paging file location(s): c:\pagefile.sys 3000 3000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.69 Gb Total Space | 42.96 Gb Free Space | 38.47% Space Free | Partition Type: NTFS
Drive D: | 111.43 Gb Total Space | 107.37 Gb Free Space | 96.36% Space Free | Partition Type: NTFS
Drive H: | 1.90 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: LIVINGROOM | User Name: jon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/09/30 09:21:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jon\Downloads\OTL (1).exe
PRC - [2012/09/07 11:07:12 | 001,677,144 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2012/09/07 11:07:12 | 000,976,728 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2012/08/28 15:38:22 | 000,598,032 | ---- | M] (Soluto) -- C:\Program Files\Soluto\SolutoService.exe
PRC - [2012/08/21 10:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/08/21 10:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/06/14 09:41:16 | 006,320,360 | ---- | M] () -- C:\Program Files\Auslogics\Auslogics Registry Fixer\RegistryFixer.exe
PRC - [2012/03/12 10:57:20 | 000,133,280 | ---- | M] (Intel Corporation) -- C:\Windows\System32\IPROSetMonitor.exe
PRC - [2011/08/05 10:15:40 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
PRC - [2011/06/14 17:35:02 | 000,201,080 | ---- | M] (Telefónica) -- C:\Program Files\O2\Connection Manager\ImpWiFiSvc.exe
PRC - [2011/03/14 16:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
PRC - [2011/03/14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/07/03 19:40:10 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/04/17 02:48:12 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2007/04/06 23:10:56 | 000,223,704 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
PRC - [2007/02/12 19:46:34 | 000,208,896 | ---- | M] () -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
========== Modules (No Company Name) ==========
MOD - [2012/09/25 10:42:58 | 000,460,312 | ---- | M] () -- C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppgooglenaclpluginchrome.dll
MOD - [2012/09/25 10:42:57 | 012,278,808 | ---- | M] () -- C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
MOD - [2012/09/25 10:42:55 | 004,005,912 | ---- | M] () -- C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
MOD - [2012/09/25 10:41:39 | 000,578,072 | ---- | M] () -- C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\libglesv2.dll
MOD - [2012/09/25 10:41:38 | 000,123,416 | ---- | M] () -- C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\libegl.dll
MOD - [2012/09/25 10:41:27 | 000,156,712 | ---- | M] () -- C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\avutil-51.dll
MOD - [2012/09/25 10:41:26 | 000,275,496 | ---- | M] () -- C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\avformat-54.dll
MOD - [2012/09/25 10:41:24 | 002,168,360 | ---- | M] () -- C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll
MOD - [2012/08/21 18:18:44 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2012/06/14 09:41:16 | 006,320,360 | ---- | M] () -- C:\Program Files\Auslogics\Auslogics Registry Fixer\RegistryFixer.exe
MOD - [2012/05/31 13:31:38 | 000,520,464 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportMS.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Windows\system32\nagasoft\vjocx.dll -- (vvdsvc)
SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - [2012/09/14 23:38:44 | 000,024,576 | ---- | M] (Realtek Semiconductor.) [Auto | Stopped] -- C:\Program Files\Realtek\Audio\SetupAfterRebootService.exe -- (SetupARService)
SRV - [2012/09/07 11:07:12 | 000,976,728 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2012/08/28 15:38:22 | 000,598,032 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV - [2012/08/21 10:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/08/15 17:00:29 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/12 10:57:20 | 000,133,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\System32\IPROSetMonitor.exe -- (Intel®
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/06/14 17:35:02 | 000,201,080 | ---- | M] (Telefónica) [Auto | Running] -- C:\Program Files\O2\Connection Manager\ImpWiFiSvc.exe -- (TGCM_ImportWiFiSvc)
SRV - [2011/03/14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2010/06/25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2010/02/19 20:31:44 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2009/09/22 22:31:56 | 000,856,064 | ---- | M] () [On_Demand | Stopped] -- C:\Users\jon\AppData\Local\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2009/09/15 21:29:04 | 000,057,640 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)
SRV - [2009/09/15 21:28:52 | 000,204,848 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (HotspotShieldService)
SRV - [2009/09/15 21:04:58 | 000,331,824 | ---- | M] (AnchorFree Inc.) [On_Demand | Stopped] -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2009/05/25 11:41:40 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 08:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/19 08:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/07/03 19:40:10 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007/06/22 02:33:20 | 000,269,448 | ---- | M] (CyberLink) [On_Demand | Stopped] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2007/06/21 08:04:40 | 000,269,432 | ---- | M] (CyberLink) [On_Demand | Stopped] -- C:\Program Files\Acer Arcade Live\Acer TV Share\Kernel\DMSTV\CLMSServer.exe -- (Acer TV Share Service)
SRV - [2007/04/26 00:34:30 | 000,457,512 | ---- | M] (HiTRSUT) [On_Demand | Stopped] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/04/17 02:48:12 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2007/04/06 23:10:56 | 000,223,704 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService)
SRV - [2007/04/06 23:10:22 | 000,272,856 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe -- (QualityManager)
SRV - [2007/04/06 23:10:08 | 000,449,496 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service)
SRV - [2007/04/06 23:08:58 | 000,158,168 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL)
SRV - [2007/04/06 23:08:36 | 000,036,312 | R--- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\tools\IntelDHSvcConf.exe -- (IntelDHSvcConf)
SRV - [2007/04/06 23:08:24 | 000,039,896 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe -- (DHTRACE)
SRV - [2007/04/06 23:08:14 | 000,059,352 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe -- (ISSM)
SRV - [2007/04/06 23:07:46 | 000,313,816 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe -- (NMSCore)
SRV - [2007/04/06 23:06:48 | 000,256,472 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server)
SRV - [2007/02/12 19:46:34 | 000,208,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - File not found [File_System | On_Demand | Stopped] -- system32\DRIVERS\vproiah.sys -- (vproiah)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\splitcam.sys -- (SPLITCAM)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (pgfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0E0ED7A7-AAA9-4657-B0B1-904E89A391BE}\MpKsl5c79636f.sys -- (MpKsl5c79636f)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\JakNDis.sys -- (JakNDisMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\TEMP\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (cpuz130)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\jon\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ag623qwq)
DRV - [2012/09/07 11:07:30 | 000,071,480 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2012/09/07 11:07:30 | 000,065,848 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2012/09/07 11:07:28 | 000,166,840 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2012/08/28 15:32:58 | 000,051,144 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Soluto.sys -- (Soluto)
DRV - [2012/08/21 10:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/08/21 10:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/08/21 10:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/08/21 10:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/08/21 10:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/08/21 10:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/08/07 01:55:09 | 000,228,376 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_42020.sys -- (RapportCerberus_42020)
DRV - [2012/05/31 13:31:38 | 000,021,520 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Running] -- c:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportIaso.sys -- (RapportIaso)
DRV - [2012/03/07 03:07:00 | 000,231,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2011/10/24 09:31:36 | 000,239,488 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2011/09/09 04:50:10 | 000,073,984 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2011/08/16 10:17:20 | 000,195,200 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011/05/26 16:03:56 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2011/05/26 16:03:50 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/07/27 02:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010/06/25 18:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2009/09/15 21:04:58 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hssdrv.sys -- (HssDrv)
DRV - [2009/05/25 11:26:02 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009/04/11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009/02/24 19:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009/02/22 00:00:40 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008/07/29 04:45:00 | 000,904,192 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)
DRV - [2008/03/11 14:14:54 | 000,941,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CamthWDM.sys -- (CAMTHWDM)
DRV - [2008/01/23 22:25:32 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tapvpn.sys -- (tapvpn)
DRV - [2007/12/28 16:28:26 | 000,005,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntelDH.sys -- (IntelDH)
DRV - [2007/07/03 03:05:20 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2007/04/06 23:10:40 | 000,014,808 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\tshwmdtcp.sys -- (TSHWMDTCP)
DRV - [2007/02/19 05:34:50 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\nmsunidr.sys -- (nmsunidr)
DRV - [2006/08/03 07:30:48 | 000,856,832 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\averm115s.sys -- (AVerM115S)
DRV - [2006/06/27 09:56:50 | 000,031,872 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\superwebcam.sys -- (SUPERWEBCAM)
DRV - [2005/08/17 08:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005/08/17 08:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/08/17 08:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2000/01/01 01:00:00 | 000,407,552 | ---- | M] (YUAN High-Tech Development Co. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OmniTV.sys -- (OmniTV)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{86821B91-1D60-4582-A875-87E510152187}: "URL" = http://startsear.ch/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 36 DC C4 E1 51 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {AC854C16-CA1E-43f1-8513-0D2F36C726ED}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ferrer:source?}
IE - HKCU\..\SearchScopes\{2CB45D92-D064-48DC-8CA7-7AEBF8A1B1F2}: "URL" = http://uk.search.yah...Terms}&fr=yessv
IE - HKCU\..\SearchScopes\{4278BA6D-0392-40EA-B067-46DEC64791DC}: "URL" = http://delicious.com...p={searchTerms}
IE - HKCU\..\SearchScopes\{5B0E33EE-E368-469E-9661-3F67908D046B}: "URL" = http://uk.search.yah...Terms}&fr=yessv
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKCU\..\SearchScopes\{6B720DE3-8DA1-4E00-82E6-6AF5B9385850}: "URL" = http://uk.search.yah...Terms}&fr=yessv
IE - HKCU\..\SearchScopes\{7BAEEBC3-D399-4F1F-8D69-B3FDE26A7741}: "URL" = http://www.flickr.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{7EBB6A63-2222-4B58-9F81-F758265B2FFB}: "URL" = http://uk.search.yah...Terms}&fr=yessv
IE - HKCU\..\SearchScopes\{86821B91-1D60-4582-A875-87E510152187}: "URL" = http://startsear.ch/...q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....sa&d=2012-07-21 12:24:35&v=12.1.0.20&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{AC854C16-CA1E-43f1-8513-0D2F36C726ED}: "URL" = http://www.offos.com...=t&rls=KaBnukC1
IE - HKCU\..\SearchScopes\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54}: "URL" = http://search.hotspo...q={searchTerms}
IE - HKCU\..\SearchScopes\{CA7583B9-2E6F-457A-8DBA-3B02EA2BD563}: "URL" = http://uk.search.yah...p={searchTerms}
IE - HKCU\..\SearchScopes\{D08C9D67-DE87-47E0-B49A-9DB43C843A9B}: "URL" = http://uk.news.searc...Terms}&fr=yessv
IE - HKCU\..\SearchScopes\{D40C110C-78CB-423E-B4F1-00AC67E8DF75}: "URL" = http://uk.local.yaho...ML&cs=&fr=yessv
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://uk.search.yah...Terms}&fr=yessv
IE - HKCU\..\SearchScopes\{F69A7FE7-1AF5-45B1-9E25-BA546E3B1823}: "URL" = http://shopping.yaho...Terms}&fr=yessv
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...FORM=VE3D01&q="
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "GoogIe"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "chrome://foxtab/content/homepage.html"
FF - prefs.js..extensions.enabledAddons: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1
FF - prefs.js..extensions.enabledAddons: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.7.0.6
FF - prefs.js..extensions.enabledAddons: [email protected]:1.12.3.50136
FF - prefs.js..extensions.enabledAddons: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..extensions.enabledAddons: [email protected]:3.2
FF - prefs.js..extensions.enabledAddons: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.4
FF - prefs.js..extensions.enabledAddons: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..extensions.enabledAddons: [email protected]:7.0.1466
FF - prefs.js..extensions.enabledItems: [email protected]:1.12.0.36605
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2b}:1.1.12
FF - prefs.js..extensions.enabledItems: [email protected]:2.22.1
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:5.0.31.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.7
FF - prefs.js..keyword.URL: "http://www.offos.com...ls=KaBnukC1&q="
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - user.js..browser.search.selectedEngine: "GoogIe"
FF - user.js..keyword.URL: "http://www.offos.com...ls=KaBnukC1&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Motive, Inc.)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.666: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.666: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.666: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.666: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@rsj.de/prodown: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\jon\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\jon\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\jon\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\jon\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/07/13 06:04:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/08/26 19:13:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/24 13:02:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/27 12:39:24 | 000,000,000 | ---D | M]
[2009/01/20 00:14:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jon\AppData\Roaming\Mozilla\Extensions
[2012/06/18 15:06:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions
[2010/12/17 23:44:36 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010/07/22 20:57:13 | 000,000,000 | ---D | M] (WindowsUpdate) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2b}
[2010/07/22 20:57:13 | 000,000,000 | ---D | M] (IE View) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
[2010/11/19 20:19:42 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(9)
[2011/10/15 21:11:43 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2010/07/22 20:57:13 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/09/19 14:05:16 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\[email protected]
[2010/09/04 12:07:50 | 000,000,000 | ---D | M] (FIFA Online Web Launcher) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\[email protected]
[2011/10/18 20:43:59 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\[email protected]
[2010/11/20 22:58:07 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\ietab@ip(8).cn
[2011/10/18 20:43:15 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\[email protected]
[2010/08/21 15:35:34 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\vshare@toolbar
[2011/10/18 20:43:29 | 000,413,408 | ---- | M] () (No name found) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
[2011/10/18 20:44:10 | 000,688,571 | ---- | M] () (No name found) -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
[2010/09/27 22:22:36 | 000,001,820 | ---- | M] () -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\searchplugins\bing.xml
[2010/03/09 08:42:26 | 000,009,977 | ---- | M] () -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\searchplugins\mywebsearch.xml
[2011/07/11 19:04:02 | 000,000,633 | ---- | M] () -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\searchplugins\startsear.xml
[2009/05/27 13:25:20 | 000,000,358 | ---- | M] () -- C:\Users\jon\AppData\Roaming\Mozilla\Firefox\Profiles\gsmm4g2r.default\searchplugins\winamp-search.xml
[2012/08/27 12:39:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/16 18:31:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/07/28 20:55:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012/08/27 12:39:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/08/26 19:13:06 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/07/13 06:04:42 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2009/09/22 21:14:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/09/29 08:09:46 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/08/24 10:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2009/08/27 21:25:26 | 000,308,096 | ---- | M] (British Telecommunications Plc) -- C:\Program Files\mozilla firefox\plugins\npBTEmailConfig.dll
[2010/08/14 13:17:47 | 000,101,888 | ---- | M] (CounterPath Solutions, Inc.) -- C:\Program Files\mozilla firefox\plugins\NPEyeCheck.dll
[2008/09/15 11:52:06 | 000,376,832 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll
[2011/08/31 11:38:58 | 000,082,944 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2011/09/29 02:30:22 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/07/21 12:24:20 | 000,003,752 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2011/09/29 02:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/09/29 02:30:22 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/09/29 02:30:22 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/09/29 02:30:22 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
========== Chrome ==========
CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\jon\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\jon\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Users\jon\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll
CHR - plugin: vShare.tv plug-in (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npvsharetvplg.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Disabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U29 (Disabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Disabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: BitCometAgent (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
CHR - plugin: BT Broadband Support Tools (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npBTEmailConfig.dll
CHR - plugin: DivX Web Player (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: eyeCheck Plugin (Disabled) = C:\Program Files\Mozilla Firefox\plugins\NPEyeCheck.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Disabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Disabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Disabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Disabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Snapfish Plugin for Firefox (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll
CHR - plugin: getPlusPlus for Adobe 16263 (Disabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Motive Plugin (Disabled) = C:\Program Files\Common Files\Motive\npMotive.dll
CHR - plugin: Picasa (Disabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Disabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Disabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Veetle TV Player (Disabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle Broadcaster Plugin (Disabled) = C:\Program Files\Veetle\VLCBroadcast\npvbp.dll
CHR - plugin: Veetle TV Core (Disabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Disabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Disabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Disabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Unity Player (Disabled) = C:\Users\jon\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Plugin (Disabled) = C:\Users\jon\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Windows Presentation Foundation (Disabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Disabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: TVU Web Player for FireFox (Disabled) = C:\Windows\system32\TVUAx\npTVUAx.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Cooliris embedded in a tab (Disabled) = C:\Users\jon\AppData\Roaming\Mozilla\plugins\npcoolirisplugin.dll
CHR - Extension: avast! WebRep = C:\Users\jon\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\jon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: vshare plugin = C:\Users\jon\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\
CHR - Extension: Select All for Facebook = C:\Users\jon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofcnbnhefnmjancehemliplicihbcjjb\2.1_0\
O1 HOSTS File: ([2012/08/26 13:38:51 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (no name) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://www.vexcast.c...oad/vexcast.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B094F50-6606-439C-9055-1F18A54AAFBE}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll) - File not found
O24 - Desktop WallPaper: C:\Users\jon\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\jon\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/10/31 15:16:33 | 000,000,069 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/09/25 12:45:04 | 000,000,000 | ---D | C] -- C:\Users\jon\AppData\Roaming\Auslogics
[2012/09/24 13:53:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1
[2012/09/24 13:53:52 | 001,061,888 | ---- | C] (J.C. Kessels) -- C:\Windows\System32\MyDefragScreenSaver_v4.3.1.exe
[2012/09/24 13:53:51 | 000,475,648 | ---- | C] (J.C. Kessels) -- C:\Windows\System32\MyDefragScreenSaver_v4.3.1.scr
[2012/09/24 13:53:50 | 000,000,000 | ---D | C] -- C:\Program Files\MyDefrag v4.3.1
[2012/09/17 14:52:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/09/17 14:50:01 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/09/17 14:49:49 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012/09/16 15:16:33 | 000,000,000 | ---D | C] -- C:\Users\jon\AppData\Local\{8E03BC63-C685-4460-BFA8-D91AD2FB7DBC}
[2012/09/15 00:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012/09/14 23:59:38 | 000,407,552 | ---- | C] (YUAN High-Tech Development Co. Ltd.) -- C:\Windows\System32\drivers\OmniTV.sys
[2012/09/14 23:59:38 | 000,086,070 | ---- | C] (Open Source Software community project) -- C:\Windows\System32\pthreadVC2.dll
[2012/09/14 23:59:36 | 000,212,992 | ---- | C] (CyberLink) -- C:\Windows\System32\MCEMpgMux.ax
[2012/09/14 23:38:44 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012/09/14 23:31:07 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2012/09/14 23:07:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
[2012/09/14 23:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\SlimDrivers
[2012/09/07 11:07:30 | 000,065,848 | ---- | C] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[2012/06/18 22:49:41 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\jon\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/09/30 09:37:42 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1764936059-3530030765-371001843-1001UA.job
[2012/09/30 08:34:08 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/30 08:34:08 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/29 21:37:08 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1764936059-3530030765-371001843-1001Core.job
[2012/09/29 08:33:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/28 20:16:27 | 000,171,202 | ---- | M] () -- C:\Users\jon\Desktop\screen.jpg
[2012/09/28 00:50:56 | 000,001,998 | ---- | M] () -- C:\Users\jon\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/09/25 21:05:12 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/24 13:53:56 | 000,000,819 | ---- | M] () -- C:\Users\Public\Desktop\MyDefrag.lnk
[2012/09/21 13:13:24 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2012/09/17 14:18:53 | 000,000,628 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2012/09/16 22:17:47 | 000,000,228 | ---- | M] () -- C:\Users\jon\.swfinfo
[2012/09/16 15:52:17 | 000,072,704 | ---- | M] () -- C:\Users\jon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/14 08:13:16 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/13 21:35:41 | 000,538,186 | ---- | M] () -- C:\Windows\System32\cc_20120913_213512.reg
[2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/07 11:07:30 | 000,065,848 | ---- | M] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[2012/09/05 07:59:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/09/28 20:16:24 | 000,171,202 | ---- | C] () -- C:\Users\jon\Desktop\screen.jpg
[2012/09/24 13:53:56 | 000,000,819 | ---- | C] () -- C:\Users\Public\Desktop\MyDefrag.lnk
[2012/09/24 13:25:42 | 000,000,684 | ---- | C] () -- C:\Users\Public\Desktop\FMRTE v5.lnk
[2012/09/17 14:18:53 | 000,000,628 | ---- | C] () -- C:\Windows\System32\mapisvc.inf
[2012/09/14 23:09:02 | 000,000,382 | ---- | C] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2012/09/13 21:35:16 | 000,538,186 | ---- | C] () -- C:\Windows\System32\cc_20120913_213512.reg
[2012/08/24 13:26:50 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/06/18 22:49:41 | 000,087,608 | ---- | C] () -- C:\Users\jon\AppData\Roaming\inst.exe
[2012/06/18 22:49:41 | 000,007,887 | ---- | C] () -- C:\Users\jon\AppData\Roaming\pcouffin.cat
[2012/06/18 22:49:41 | 000,001,144 | ---- | C] () -- C:\Users\jon\AppData\Roaming\pcouffin.inf
[2011/10/22 14:49:57 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011/10/17 19:10:57 | 000,000,228 | ---- | C] () -- C:\Users\jon\.swfinfo
[2010/12/11 20:52:58 | 000,001,057 | ---- | C] () -- C:\Users\jon\AppData\Roaming\vso_ts_preview.xml
[2010/11/17 20:18:03 | 000,002,048 | ---- | C] () -- C:\Users\jon\AppData\Roaming\All Say Cheese Photobook Creator Prefs
[2010/09/04 12:02:33 | 000,139,152 | ---- | C] () -- C:\Users\jon\AppData\Roaming\PnkBstrK.sys
[2010/06/17 00:25:35 | 000,001,864 | -H-- | C] () -- C:\Users\jon\.picasa.ini
[2010/06/05 15:06:49 | 2306,415,061 | ---- | C] () -- C:\Users\jon\photos.rar
[2010/04/04 21:16:49 | 000,834,560 | ---- | C] () -- C:\Users\jon\ehthumbs_vista.db
[2010/03/24 18:10:12 | 000,012,166 | -HS- | C] () -- C:\Users\jon\AppData\Local\20xYJkS83BHk4
[2010/03/24 18:10:12 | 000,012,166 | -HS- | C] () -- C:\ProgramData\20xYJkS83BHk4
[2010/02/28 17:23:03 | 000,017,408 | ---- | C] () -- C:\Users\jon\AppData\Local\WebpageIcons.db
[2010/02/23 22:00:14 | 000,010,336 | -HS- | C] () -- C:\Users\jon\AppData\Local\Q744uX4
[2010/02/19 18:36:25 | 000,000,171 | ---- | C] () -- C:\Users\jon\AppData\Local\RAExpertHistory.xml
[2010/02/18 12:53:12 | 000,000,171 | ---- | C] () -- C:\Users\jon\AppData\Local\rahistory.xml
[2009/09/22 21:09:22 | 000,000,600 | ---- | C] () -- C:\Users\jon\PUTTY.RND
[2009/07/06 12:29:59 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/04/12 15:37:12 | 000,017,089 | ---- | C] () -- C:\Users\jon\AppData\Roaming\UserTile.png
[2009/04/02 22:10:23 | 000,005,892 | ---- | C] () -- C:\Users\jon\AppData\Local\d3d9caps.dat
[2009/02/15 01:31:50 | 000,072,704 | ---- | C] () -- C:\Users\jon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/10 22:10:29 | 000,004,594 | ---- | C] () -- C:\Users\jon\AppData\Roaming\wklnhst.dat
[2009/01/27 23:31:24 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
========== ZeroAccess Check ==========
[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2009/04/28 23:11:15 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\aerix
[2010/11/17 20:16:57 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\All Say Cheese Photobook Creator
[2012/06/18 15:07:12 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Amazon
[2011/08/13 19:04:20 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Apowersoft
[2010/12/19 00:23:43 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Ashampoo
[2012/09/25 15:01:44 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Auslogics
[2012/08/27 15:04:44 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\avidemux
[2011/08/20 11:25:46 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Azureus
[2011/12/23 14:40:36 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\BitComet
[2010/08/14 13:26:09 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\BT
[2012/03/18 18:09:04 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\DAEMON Tools
[2010/06/05 18:24:53 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Doctor Who
[2009/07/20 13:34:51 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\DonationCoder
[2012/09/29 08:37:49 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Dropbox
[2009/03/24 18:08:04 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\eSobi
[2009/08/03 15:53:40 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\EuroTalk
[2010/07/22 20:57:09 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Facebook
[2010/04/22 11:32:01 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\FlashGet
[2010/10/14 14:31:07 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\FreeAudioPack
[2010/12/05 16:51:18 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\FreeBurner
[2011/11/29 12:36:58 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\GetRightToGo
[2010/02/23 17:42:52 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\goalbit
[2009/07/20 13:25:30 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\GrabPro
[2010/08/17 21:48:21 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Hensense.com
[2010/11/09 21:48:37 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\ImgBurn
[2012/01/22 20:49:08 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\IObit
[2010/07/22 20:57:10 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\IrfanView
[2012/02/05 18:48:58 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Obvious Idea
[2011/10/22 14:46:11 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\OpenCandy
[2009/04/11 22:21:45 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\OpenOffice.org
[2009/02/04 00:09:09 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Opera
[2012/03/26 19:46:50 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Orbit
[2009/04/12 15:37:11 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\PeerNetworking
[2009/12/12 22:16:33 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Program Files
[2011/08/14 12:05:02 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\ProgSense
[2012/03/02 14:30:58 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\QuickScan
[2011/08/08 18:32:09 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Samsung
[2010/10/18 11:26:06 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Search Settings
[2012/08/27 09:30:09 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Skinux
[2009/06/20 18:11:30 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Snapfish
[2009/05/14 13:23:31 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\SolidDocuments
[2012/08/27 11:08:52 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Soluto
[2012/07/14 20:37:13 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Sports Interactive
[2012/09/28 22:06:13 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Spotify
[2009/04/04 14:31:57 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\StreamTorrent
[2010/07/22 20:57:15 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\SystemRequirementsLab
[2010/07/07 00:54:47 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Tatara Systems
[2012/05/31 12:50:12 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Telefónica
[2009/02/10 22:10:48 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Template
[2012/05/31 12:50:10 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\TGCMLog
[2010/12/12 13:31:55 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Trusteer
[2012/09/19 05:44:14 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\TuneUp Software
[2009/04/29 20:22:20 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\TVCatchup.F47A58FCBDA0B1DF5636B554101AB5C0E8252CDC.1
[2011/12/05 00:17:45 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Uniblue
[2011/07/28 21:01:50 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Unity
[2012/07/26 05:55:54 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Vso
[2012/02/22 11:32:35 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Vyoks
[2010/07/22 20:57:15 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Webcammax
[2010/08/17 21:43:08 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Wireshark
[2012/02/23 03:56:45 | 000,000,000 | ---D | M] -- C:\Users\jon\AppData\Roaming\Woiv
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 55838 bytes -> C:\ProgramData\Sports Interactive:$ES_DESCRIPTOR_MVPUV1PKSVXJKX69UK1CWPP0DTVNYKM1UVXPJCEPP4DMJ3K1XYE7LRJEM53EPPJCFPLP45168LPSB5PL0EM6REGXHCTVVVVVVVVVVVVV
@Alternate Data Stream - 162 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:9F683177
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:B9C96218
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:0D31DA45
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:1663E41B
< End of report >