Redirection? [Closed]
Started by
waynf
, Mar 11 2013 11:24 AM
This topic is locked
#31
Posted 15 March 2013 - 10:55 AM
waynf
- Topic Starter
-
- Member
-
- 1,130 posts
Member 1K
#32
Posted 15 March 2013 - 12:44 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Could you run a fresh OTL scan please and ensure that all users is selected
#33
Posted 15 March 2013 - 08:17 PM
waynf
- Topic Starter
-
- Member
-
- 1,130 posts
Member 1K
OTL logfile created on: 3/15/2013 11:07:34 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Wayne\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
446.42 Mb Total Physical Memory | 88.32 Mb Available Physical Memory | 19.78% Memory free
1.69 Gb Paging File | 1.06 Gb Available in Paging File | 62.58% Paging File free
Paging file location(s): C:\pagefile.sys 1344 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 18.47 Gb Free Space | 24.78% Space Free | Partition Type: NTFS
Drive E: | 3.80 Gb Total Space | 2.34 Gb Free Space | 61.54% Space Free | Partition Type: FAT32
Computer Name: WAYNE-5BB001150 | User Name: Wayne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/03/12 18:25:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Wayne\Desktop\OTL.exe
PRC - [2013/03/09 13:20:12 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/02/13 13:43:01 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/01/06 05:28:58 | 000,206,336 | ---- | M] (FileProperties_CompanyName) -- C:\Documents and Settings\Wayne\Local Settings\Application Data\Updater21806\Updater21806.exe
PRC - [2012/09/25 11:00:46 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/09/25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/09/25 10:52:49 | 000,386,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/09/19 19:20:40 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/06/29 13:26:06 | 000,520,216 | ---- | M] (Ant.com) -- C:\Program Files\Ant.com\IE add-on\AntUpdaterService.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2003/07/07 17:03:38 | 001,658,880 | ---- | M] (InfoInterActive Corp.) -- C:\Program Files\Internet Call Manager\ICM.EXE
========== Modules (No Company Name) ==========
MOD - [2013/03/09 13:20:11 | 003,069,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/02/13 20:48:30 | 014,586,736 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll
MOD - [2012/09/19 19:17:40 | 000,397,088 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Services (SafeList) ==========
SRV - [2013/03/09 13:20:11 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/13 20:48:36 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/13 13:43:01 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/09/25 11:00:46 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/09/25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/29 13:26:06 | 000,520,216 | ---- | M] (Ant.com) [Auto | Running] -- C:\Program Files\Ant.com\IE add-on\AntUpdaterService.exe -- (AntUpdaterService)
SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/10/01 17:14:23 | 000,134,184 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/09/24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012/09/13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/08/27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/08/01 11:36:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/08/01 11:36:00 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/04/14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2005/12/12 04:08:44 | 001,124,097 | R--- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/05/27 05:32:52 | 001,317,152 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvcm.sys -- (QCMerced)
DRV - [2005/05/27 05:31:28 | 000,022,016 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2002/11/18 15:51:40 | 000,377,358 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci)
DRV - [2002/05/10 21:31:48 | 000,633,220 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Intels51.sys -- (Intels51)
DRV - [2001/08/17 13:28:02 | 000,907,456 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HCF_MSFT.sys -- (HCF_MSFT)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheri...q={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1078081533-448539723-725345543-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1078081533-448539723-725345543-1003\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheri...q={searchTerms}
IE - HKU\S-1-5-21-1078081533-448539723-725345543-1003\..\SearchScopes\{E8930232-4B31-4251-986C-98061BDC75B4}: "URL" = http://www.ant.com/web/{searchTerms}/
IE - HKU\S-1-5-21-1078081533-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledAddons: %7B6e764c17-863a-450f-bdd0-6772bd5aaa18%7D:1.0.3
FF - prefs.js..extensions.enabledAddons: anttoolbar%40ant.com:2.4.7.6
FF - prefs.js..extensions.enabledAddons: extension21806%40extension21806.com:0.91.45
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {6e764c17-863a-450f-bdd0-6772bd5aaa18}:1.0.3
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:2.3.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Wayne\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Documents and Settings\Wayne\Application Data\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Wayne\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Wayne\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Wayne\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/09 13:20:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/09 13:19:48 | 000,000,000 | ---D | M]
[2009/02/16 09:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Extensions
[2013/03/15 12:14:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions
[2011/06/03 10:59:24 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/10/28 11:51:48 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(2)
[2009/04/15 16:55:47 | 000,000,000 | ---D | M] (Media Converter) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18}
[2011/02/19 11:17:50 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\anttoolbar@ant(2).com
[2013/03/01 15:58:21 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]
[2013/03/15 12:14:08 | 000,000,000 | ---D | M] ("Deals Plugin Extension") -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]
[2013/03/15 12:14:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]\chrome
[2013/03/15 12:14:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]\defaults
[2013/03/15 12:14:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]\locale
[2013/03/15 12:14:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]\skin
[2013/03/15 12:14:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]\chrome\content\extensionCode
[2013/03/09 13:19:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/03/09 13:19:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2013/03/09 13:20:13 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/12/19 17:21:26 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll
[2012/11/18 12:32:15 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/07/08 16:26:58 | 000,003,803 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MyHeritage.xml
[2013/02/19 14:32:51 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com/
CHR - Extension: No name found = C:\Documents and Settings\Wayne\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbhgoadfgiandmaieopaphefbhcdpfaf\1.21.10_0\crossrider
CHR - Extension: No name found = C:\Documents and Settings\Wayne\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbhgoadfgiandmaieopaphefbhcdpfaf\1.21.10_0\
Hosts file not found
O2 - BHO: (Deals Plugin Extension) - {11111111-1111-1111-1111-110211181106} - C:\Program Files\Deals Plugin Extension\Deals Plugin Extension.dll (215 Apps)
O2 - BHO: (Ant.com browser helper (video detector)) - {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} - C:\Program Files\Ant.com\IE add-on\Download.dll (Ant.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Ant.com Video Downloader toolbar) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
O3 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\..\Toolbar\WebBrowser: (Ant.com Video Downloader toolbar) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKU\S-1-5-21-1078081533-448539723-725345543-1003..\Run: [Updater21806.exe] C:\Documents and Settings\Wayne\Local Settings\Application Data\Updater21806\Updater21806.exe (FileProperties_CompanyName)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Download videos by Ant.com - {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - C:\Program Files\Ant.com\IE add-on\Download.dll (Ant.com)
O9 - Extra Button: Download with YouTube Clip Extractor - {acf57469-0757-4073-92f4-e7c278f359c9} - C:\Program Files\YouTube Clip Extractor\ClipExtractor.exe File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: CabBuilder http://kiw.imgag.com...llerControl.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{44224713-5C34-4DF0-BA99-FC38D7806FDA}: NameServer = 142.166.145.137 142.177.2.130
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/14 12:31:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/03/15 12:43:53 | 000,760,335 | ---- | C] (Farbar) -- C:\Documents and Settings\Wayne\Desktop\MiniToolBox.exe
[2013/03/13 13:49:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/03/12 18:42:36 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Wayne\Desktop\aswMBR.exe
[2013/03/12 18:22:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Wayne\Desktop\OTL.exe
[2013/03/10 23:17:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Wayne\Recent
[2013/03/09 13:19:40 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
========== Files - Modified Within 30 Days ==========
[2013/03/15 23:01:40 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/15 22:48:59 | 000,189,518 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013/03/15 22:48:41 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/15 22:48:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/03/15 14:38:03 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2013/03/15 14:37:28 | 000,002,517 | ---- | M] () -- C:\Documents and Settings\Wayne\Desktop\Ledger.lnk
[2013/03/15 14:28:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/03/15 13:44:01 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-448539723-725345543-1003UA.job
[2013/03/15 12:46:11 | 000,760,335 | ---- | M] (Farbar) -- C:\Documents and Settings\Wayne\Desktop\MiniToolBox.exe
[2013/03/14 21:44:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-448539723-725345543-1003Core.job
[2013/03/13 09:25:53 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/03/12 18:58:36 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Wayne\Desktop\aswMBR.exe
[2013/03/12 18:25:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Wayne\Desktop\OTL.exe
[2013/03/08 12:37:22 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Wayne\Desktop\Microsoft Office Word 2003.lnk
[2013/03/06 07:29:57 | 000,245,512 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/24 13:45:18 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/02/24 12:46:47 | 000,000,128 | ---- | M] () -- C:\Documents and Settings\Wayne\default.pls
========== Files Created - No Company Name ==========
[2012/09/29 09:21:33 | 000,102,400 | RHS- | C] () -- C:\WINDOWS\System32\cards8.dll
[2012/04/05 14:45:11 | 000,000,353 | ---- | C] () -- C:\WINDOWS\MyHeritage.INI
[2012/04/05 14:41:39 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2011/11/21 07:16:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2010/01/24 22:13:49 | 000,000,624 | ---- | C] () -- C:\Documents and Settings\Wayne\Application Data\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml
[2009/01/23 18:23:35 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Wayne\default.pls
[2009/01/15 22:14:45 | 000,237,056 | ---- | C] () -- C:\Documents and Settings\Wayne\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/14 12:36:15 | 010,747,904 | ---- | C] () -- C:\Documents and Settings\Wayne\NTUSER.bak
========== ZeroAccess Check ==========
[2009/01/15 16:57:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008/04/14 05:41:54 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Wayne\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
446.42 Mb Total Physical Memory | 88.32 Mb Available Physical Memory | 19.78% Memory free
1.69 Gb Paging File | 1.06 Gb Available in Paging File | 62.58% Paging File free
Paging file location(s): C:\pagefile.sys 1344 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 18.47 Gb Free Space | 24.78% Space Free | Partition Type: NTFS
Drive E: | 3.80 Gb Total Space | 2.34 Gb Free Space | 61.54% Space Free | Partition Type: FAT32
Computer Name: WAYNE-5BB001150 | User Name: Wayne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/03/12 18:25:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Wayne\Desktop\OTL.exe
PRC - [2013/03/09 13:20:12 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/02/13 13:43:01 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/01/06 05:28:58 | 000,206,336 | ---- | M] (FileProperties_CompanyName) -- C:\Documents and Settings\Wayne\Local Settings\Application Data\Updater21806\Updater21806.exe
PRC - [2012/09/25 11:00:46 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/09/25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/09/25 10:52:49 | 000,386,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/09/19 19:20:40 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/06/29 13:26:06 | 000,520,216 | ---- | M] (Ant.com) -- C:\Program Files\Ant.com\IE add-on\AntUpdaterService.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2003/07/07 17:03:38 | 001,658,880 | ---- | M] (InfoInterActive Corp.) -- C:\Program Files\Internet Call Manager\ICM.EXE
========== Modules (No Company Name) ==========
MOD - [2013/03/09 13:20:11 | 003,069,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/02/13 20:48:30 | 014,586,736 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll
MOD - [2012/09/19 19:17:40 | 000,397,088 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Services (SafeList) ==========
SRV - [2013/03/09 13:20:11 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/13 20:48:36 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/13 13:43:01 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/09/25 11:00:46 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/09/25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/29 13:26:06 | 000,520,216 | ---- | M] (Ant.com) [Auto | Running] -- C:\Program Files\Ant.com\IE add-on\AntUpdaterService.exe -- (AntUpdaterService)
SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/10/01 17:14:23 | 000,134,184 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/09/24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012/09/13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/08/27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/08/01 11:36:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/08/01 11:36:00 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/04/14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2005/12/12 04:08:44 | 001,124,097 | R--- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/05/27 05:32:52 | 001,317,152 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvcm.sys -- (QCMerced)
DRV - [2005/05/27 05:31:28 | 000,022,016 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2002/11/18 15:51:40 | 000,377,358 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci)
DRV - [2002/05/10 21:31:48 | 000,633,220 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Intels51.sys -- (Intels51)
DRV - [2001/08/17 13:28:02 | 000,907,456 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HCF_MSFT.sys -- (HCF_MSFT)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheri...q={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1078081533-448539723-725345543-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1078081533-448539723-725345543-1003\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheri...q={searchTerms}
IE - HKU\S-1-5-21-1078081533-448539723-725345543-1003\..\SearchScopes\{E8930232-4B31-4251-986C-98061BDC75B4}: "URL" = http://www.ant.com/web/{searchTerms}/
IE - HKU\S-1-5-21-1078081533-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledAddons: %7B6e764c17-863a-450f-bdd0-6772bd5aaa18%7D:1.0.3
FF - prefs.js..extensions.enabledAddons: anttoolbar%40ant.com:2.4.7.6
FF - prefs.js..extensions.enabledAddons: extension21806%40extension21806.com:0.91.45
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {6e764c17-863a-450f-bdd0-6772bd5aaa18}:1.0.3
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:2.3.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Wayne\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Documents and Settings\Wayne\Application Data\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Wayne\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Wayne\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Wayne\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/09 13:20:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/09 13:19:48 | 000,000,000 | ---D | M]
[2009/02/16 09:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Extensions
[2013/03/15 12:14:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions
[2011/06/03 10:59:24 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/10/28 11:51:48 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(2)
[2009/04/15 16:55:47 | 000,000,000 | ---D | M] (Media Converter) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18}
[2011/02/19 11:17:50 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\anttoolbar@ant(2).com
[2013/03/01 15:58:21 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]
[2013/03/15 12:14:08 | 000,000,000 | ---D | M] ("Deals Plugin Extension") -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]
[2013/03/15 12:14:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]\chrome
[2013/03/15 12:14:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]\defaults
[2013/03/15 12:14:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]\locale
[2013/03/15 12:14:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]\skin
[2013/03/15 12:14:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]\chrome\content\extensionCode
[2013/03/09 13:19:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/03/09 13:19:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2013/03/09 13:20:13 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/12/19 17:21:26 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll
[2012/11/18 12:32:15 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/07/08 16:26:58 | 000,003,803 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MyHeritage.xml
[2013/02/19 14:32:51 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com/
CHR - Extension: No name found = C:\Documents and Settings\Wayne\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbhgoadfgiandmaieopaphefbhcdpfaf\1.21.10_0\crossrider
CHR - Extension: No name found = C:\Documents and Settings\Wayne\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbhgoadfgiandmaieopaphefbhcdpfaf\1.21.10_0\
Hosts file not found
O2 - BHO: (Deals Plugin Extension) - {11111111-1111-1111-1111-110211181106} - C:\Program Files\Deals Plugin Extension\Deals Plugin Extension.dll (215 Apps)
O2 - BHO: (Ant.com browser helper (video detector)) - {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} - C:\Program Files\Ant.com\IE add-on\Download.dll (Ant.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Ant.com Video Downloader toolbar) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
O3 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\..\Toolbar\WebBrowser: (Ant.com Video Downloader toolbar) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKU\S-1-5-21-1078081533-448539723-725345543-1003..\Run: [Updater21806.exe] C:\Documents and Settings\Wayne\Local Settings\Application Data\Updater21806\Updater21806.exe (FileProperties_CompanyName)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Download videos by Ant.com - {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - C:\Program Files\Ant.com\IE add-on\Download.dll (Ant.com)
O9 - Extra Button: Download with YouTube Clip Extractor - {acf57469-0757-4073-92f4-e7c278f359c9} - C:\Program Files\YouTube Clip Extractor\ClipExtractor.exe File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: CabBuilder http://kiw.imgag.com...llerControl.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{44224713-5C34-4DF0-BA99-FC38D7806FDA}: NameServer = 142.166.145.137 142.177.2.130
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/14 12:31:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/03/15 12:43:53 | 000,760,335 | ---- | C] (Farbar) -- C:\Documents and Settings\Wayne\Desktop\MiniToolBox.exe
[2013/03/13 13:49:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/03/12 18:42:36 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Wayne\Desktop\aswMBR.exe
[2013/03/12 18:22:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Wayne\Desktop\OTL.exe
[2013/03/10 23:17:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Wayne\Recent
[2013/03/09 13:19:40 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
========== Files - Modified Within 30 Days ==========
[2013/03/15 23:01:40 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/15 22:48:59 | 000,189,518 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013/03/15 22:48:41 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/15 22:48:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/03/15 14:38:03 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2013/03/15 14:37:28 | 000,002,517 | ---- | M] () -- C:\Documents and Settings\Wayne\Desktop\Ledger.lnk
[2013/03/15 14:28:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/03/15 13:44:01 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-448539723-725345543-1003UA.job
[2013/03/15 12:46:11 | 000,760,335 | ---- | M] (Farbar) -- C:\Documents and Settings\Wayne\Desktop\MiniToolBox.exe
[2013/03/14 21:44:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-448539723-725345543-1003Core.job
[2013/03/13 09:25:53 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/03/12 18:58:36 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Wayne\Desktop\aswMBR.exe
[2013/03/12 18:25:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Wayne\Desktop\OTL.exe
[2013/03/08 12:37:22 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Wayne\Desktop\Microsoft Office Word 2003.lnk
[2013/03/06 07:29:57 | 000,245,512 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/24 13:45:18 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/02/24 12:46:47 | 000,000,128 | ---- | M] () -- C:\Documents and Settings\Wayne\default.pls
========== Files Created - No Company Name ==========
[2012/09/29 09:21:33 | 000,102,400 | RHS- | C] () -- C:\WINDOWS\System32\cards8.dll
[2012/04/05 14:45:11 | 000,000,353 | ---- | C] () -- C:\WINDOWS\MyHeritage.INI
[2012/04/05 14:41:39 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2011/11/21 07:16:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2010/01/24 22:13:49 | 000,000,624 | ---- | C] () -- C:\Documents and Settings\Wayne\Application Data\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml
[2009/01/23 18:23:35 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Wayne\default.pls
[2009/01/15 22:14:45 | 000,237,056 | ---- | C] () -- C:\Documents and Settings\Wayne\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/14 12:36:15 | 010,747,904 | ---- | C] () -- C:\Documents and Settings\Wayne\NTUSER.bak
========== ZeroAccess Check ==========
[2009/01/15 16:57:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008/04/14 05:41:54 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
#34
Posted 16 March 2013 - 04:35 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
I see the deals plugin is back, did you re-install it ?
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL
[2013/03/15 12:14:08 | 000,000,000 | ---D | M] ("Deals Plugin Extension") -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]
[2013/03/15 12:14:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]\chrome
[2013/03/15 12:14:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]\defaults
[2013/03/15 12:14:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]\locale
[2013/03/15 12:14:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]\skin
[2013/03/15 12:14:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]\chrome\content\extensionCode
O2 - BHO: (Deals Plugin Extension) - {11111111-1111-1111-1111-110211181106} - C:\Program Files\Deals Plugin Extension\Deals Plugin Extension.dll (215 Apps)
O4 - HKU\S-1-5-21-1078081533-448539723-725345543-1003..\Run: [Updater21806.exe] C:\Documents and Settings\Wayne\Local Settings\Application Data\Updater21806\Updater21806.exe (FileProperties_CompanyName)
:Files
C:\Documents and Settings\Wayne\Local Settings\Application Data\Updater21806
:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
#35
Posted 16 March 2013 - 09:54 AM
waynf
- Topic Starter
-
- Member
-
- 1,130 posts
Member 1K
I have made no changes on pc, plug-ins or otherwise
#36
Posted 16 March 2013 - 10:01 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
OK could you run the fix and post a fresh OTL on completion
#37
Posted 16 March 2013 - 10:28 AM
waynf
- Topic Starter
-
- Member
-
- 1,130 posts
Member 1K
I ran the fix as peer your instructions but no logfile came up. However on my desktop there are three Microsoft Word icons in shadow as follows:
~$nth PAp1... and ~$OPPING... and ZbThumbn....
~$nth PAp1... and ~$OPPING... and ZbThumbn....
#38
Posted 16 March 2013 - 10:38 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
They are files that will be rehidden once we have finished
How is the computer now ?
How is the computer now ?
#39
Posted 16 March 2013 - 11:19 AM
waynf
- Topic Starter
-
- Member
-
- 1,130 posts
Member 1K
I will try it out and let you know so dont do any tidying up yet.
#40
Posted 16 March 2013 - 11:35 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
OK could you post the fresh OTL log please
#41
Posted 16 March 2013 - 11:57 AM
waynf
- Topic Starter
-
- Member
-
- 1,130 posts
Member 1K
Message pertaining to "connection to server....." still comes on.
Do you want me to run the OTL like last time with "All Users". Last time i ran that no log came up.
Do you want me to run the OTL like last time with "All Users". Last time i ran that no log came up.
#42
Posted 16 March 2013 - 12:20 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Yes just run a scan with all users selected
#43
Posted 16 March 2013 - 12:47 PM
waynf
- Topic Starter
-
- Member
-
- 1,130 posts
Member 1K
OTL logfile created on: 3/16/2013 3:33:52 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Wayne\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
446.42 Mb Total Physical Memory | 108.63 Mb Available Physical Memory | 24.33% Memory free
1.69 Gb Paging File | 1.21 Gb Available in Paging File | 71.95% Paging File free
Paging file location(s): C:\pagefile.sys 1344 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 18.44 Gb Free Space | 24.74% Space Free | Partition Type: NTFS
Drive E: | 3.80 Gb Total Space | 2.34 Gb Free Space | 61.54% Space Free | Partition Type: FAT32
Computer Name: WAYNE-5BB001150 | User Name: Wayne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/03/12 18:25:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Wayne\Desktop\OTL.exe
PRC - [2013/03/09 13:20:12 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/02/13 13:43:01 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/09/25 11:00:46 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/09/25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/09/25 10:52:49 | 000,386,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/09/19 19:20:40 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/06/29 13:26:06 | 000,520,216 | ---- | M] (Ant.com) -- C:\Program Files\Ant.com\IE add-on\AntUpdaterService.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2003/07/07 17:03:38 | 001,658,880 | ---- | M] (InfoInterActive Corp.) -- C:\Program Files\Internet Call Manager\ICM.EXE
========== Modules (No Company Name) ==========
MOD - [2013/03/09 13:20:11 | 003,069,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/09/19 19:17:40 | 000,397,088 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Services (SafeList) ==========
SRV - [2013/03/09 13:20:11 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/13 20:48:36 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/13 13:43:01 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/09/25 11:00:46 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/09/25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/29 13:26:06 | 000,520,216 | ---- | M] (Ant.com) [Auto | Running] -- C:\Program Files\Ant.com\IE add-on\AntUpdaterService.exe -- (AntUpdaterService)
SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/10/01 17:14:23 | 000,134,184 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/09/24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012/09/13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/08/27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/08/01 11:36:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/08/01 11:36:00 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/04/14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2005/12/12 04:08:44 | 001,124,097 | R--- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/05/27 05:32:52 | 001,317,152 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvcm.sys -- (QCMerced)
DRV - [2005/05/27 05:31:28 | 000,022,016 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2002/11/18 15:51:40 | 000,377,358 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci)
DRV - [2002/05/10 21:31:48 | 000,633,220 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Intels51.sys -- (Intels51)
DRV - [2001/08/17 13:28:02 | 000,907,456 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HCF_MSFT.sys -- (HCF_MSFT)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheri...q={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1078081533-448539723-725345543-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1078081533-448539723-725345543-1003\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheri...q={searchTerms}
IE - HKU\S-1-5-21-1078081533-448539723-725345543-1003\..\SearchScopes\{E8930232-4B31-4251-986C-98061BDC75B4}: "URL" = http://www.ant.com/web/{searchTerms}/
IE - HKU\S-1-5-21-1078081533-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledAddons: %7B6e764c17-863a-450f-bdd0-6772bd5aaa18%7D:1.0.3
FF - prefs.js..extensions.enabledAddons: anttoolbar%40ant.com:2.4.7.6
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {6e764c17-863a-450f-bdd0-6772bd5aaa18}:1.0.3
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:2.3.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Wayne\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Documents and Settings\Wayne\Application Data\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Wayne\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Wayne\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Wayne\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/09 13:20:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/09 13:19:48 | 000,000,000 | ---D | M]
[2009/02/16 09:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Extensions
[2013/03/16 13:39:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions
[2011/06/03 10:59:24 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/10/28 11:51:48 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(2)
[2009/04/15 16:55:47 | 000,000,000 | ---D | M] (Media Converter) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18}
[2011/02/19 11:17:50 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\anttoolbar@ant(2).com
[2013/03/01 15:58:21 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]
[2013/03/16 13:39:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\staged
[2013/03/09 13:19:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/03/09 13:19:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2013/03/09 13:20:13 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/12/19 17:21:26 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll
[2012/11/18 12:32:15 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/07/08 16:26:58 | 000,003,803 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MyHeritage.xml
[2013/02/19 14:32:51 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com/
CHR - Extension: No name found = C:\Documents and Settings\Wayne\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbhgoadfgiandmaieopaphefbhcdpfaf\1.21.10_0\crossrider
CHR - Extension: No name found = C:\Documents and Settings\Wayne\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbhgoadfgiandmaieopaphefbhcdpfaf\1.21.10_0\
Hosts file not found
O2 - BHO: (Ant.com browser helper (video detector)) - {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} - C:\Program Files\Ant.com\IE add-on\Download.dll (Ant.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Ant.com Video Downloader toolbar) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
O3 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\..\Toolbar\WebBrowser: (Ant.com Video Downloader toolbar) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Download videos by Ant.com - {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - C:\Program Files\Ant.com\IE add-on\Download.dll (Ant.com)
O9 - Extra Button: Download with YouTube Clip Extractor - {acf57469-0757-4073-92f4-e7c278f359c9} - C:\Program Files\YouTube Clip Extractor\ClipExtractor.exe File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: CabBuilder http://kiw.imgag.com...llerControl.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{44224713-5C34-4DF0-BA99-FC38D7806FDA}: NameServer = 142.166.145.137 142.177.2.130
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/14 12:31:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/03/15 12:43:53 | 000,760,335 | ---- | C] (Farbar) -- C:\Documents and Settings\Wayne\Desktop\MiniToolBox.exe
[2013/03/13 13:49:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/03/12 18:42:36 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Wayne\Desktop\aswMBR.exe
[2013/03/12 18:22:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Wayne\Desktop\OTL.exe
[2013/03/10 23:17:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Wayne\Recent
[2013/03/09 13:19:40 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
========== Files - Modified Within 30 Days ==========
[2013/03/16 15:28:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/03/16 15:01:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/16 14:44:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-448539723-725345543-1003UA.job
[2013/03/16 13:10:21 | 000,189,518 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013/03/16 13:05:39 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/16 13:05:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/03/15 14:38:03 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2013/03/15 14:37:28 | 000,002,517 | ---- | M] () -- C:\Documents and Settings\Wayne\Desktop\Ledger.lnk
[2013/03/15 12:46:11 | 000,760,335 | ---- | M] (Farbar) -- C:\Documents and Settings\Wayne\Desktop\MiniToolBox.exe
[2013/03/14 21:44:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-448539723-725345543-1003Core.job
[2013/03/13 09:25:53 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/03/12 18:58:36 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Wayne\Desktop\aswMBR.exe
[2013/03/12 18:25:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Wayne\Desktop\OTL.exe
[2013/03/08 12:37:22 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Wayne\Desktop\Microsoft Office Word 2003.lnk
[2013/03/06 07:29:57 | 000,245,512 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/24 13:45:18 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/02/24 12:46:47 | 000,000,128 | ---- | M] () -- C:\Documents and Settings\Wayne\default.pls
========== Files Created - No Company Name ==========
[2012/09/29 09:21:33 | 000,102,400 | RHS- | C] () -- C:\WINDOWS\System32\cards8.dll
[2012/04/05 14:45:11 | 000,000,353 | ---- | C] () -- C:\WINDOWS\MyHeritage.INI
[2012/04/05 14:41:39 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2011/11/21 07:16:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2010/01/24 22:13:49 | 000,000,624 | ---- | C] () -- C:\Documents and Settings\Wayne\Application Data\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml
[2009/01/23 18:23:35 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Wayne\default.pls
[2009/01/15 22:14:45 | 000,237,056 | ---- | C] () -- C:\Documents and Settings\Wayne\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/14 12:36:15 | 010,747,904 | ---- | C] () -- C:\Documents and Settings\Wayne\NTUSER.bak
========== ZeroAccess Check ==========
[2009/01/15 16:57:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008/04/14 05:41:54 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Wayne\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
446.42 Mb Total Physical Memory | 108.63 Mb Available Physical Memory | 24.33% Memory free
1.69 Gb Paging File | 1.21 Gb Available in Paging File | 71.95% Paging File free
Paging file location(s): C:\pagefile.sys 1344 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 18.44 Gb Free Space | 24.74% Space Free | Partition Type: NTFS
Drive E: | 3.80 Gb Total Space | 2.34 Gb Free Space | 61.54% Space Free | Partition Type: FAT32
Computer Name: WAYNE-5BB001150 | User Name: Wayne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/03/12 18:25:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Wayne\Desktop\OTL.exe
PRC - [2013/03/09 13:20:12 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/02/13 13:43:01 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/09/25 11:00:46 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/09/25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/09/25 10:52:49 | 000,386,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/09/19 19:20:40 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/06/29 13:26:06 | 000,520,216 | ---- | M] (Ant.com) -- C:\Program Files\Ant.com\IE add-on\AntUpdaterService.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2003/07/07 17:03:38 | 001,658,880 | ---- | M] (InfoInterActive Corp.) -- C:\Program Files\Internet Call Manager\ICM.EXE
========== Modules (No Company Name) ==========
MOD - [2013/03/09 13:20:11 | 003,069,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/09/19 19:17:40 | 000,397,088 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Services (SafeList) ==========
SRV - [2013/03/09 13:20:11 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/13 20:48:36 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/13 13:43:01 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/09/25 11:00:46 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/09/25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/29 13:26:06 | 000,520,216 | ---- | M] (Ant.com) [Auto | Running] -- C:\Program Files\Ant.com\IE add-on\AntUpdaterService.exe -- (AntUpdaterService)
SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/10/01 17:14:23 | 000,134,184 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/09/24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012/09/13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/08/27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/08/01 11:36:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/08/01 11:36:00 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/04/14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2005/12/12 04:08:44 | 001,124,097 | R--- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/05/27 05:32:52 | 001,317,152 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvcm.sys -- (QCMerced)
DRV - [2005/05/27 05:31:28 | 000,022,016 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2002/11/18 15:51:40 | 000,377,358 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci)
DRV - [2002/05/10 21:31:48 | 000,633,220 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Intels51.sys -- (Intels51)
DRV - [2001/08/17 13:28:02 | 000,907,456 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HCF_MSFT.sys -- (HCF_MSFT)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheri...q={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1078081533-448539723-725345543-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1078081533-448539723-725345543-1003\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheri...q={searchTerms}
IE - HKU\S-1-5-21-1078081533-448539723-725345543-1003\..\SearchScopes\{E8930232-4B31-4251-986C-98061BDC75B4}: "URL" = http://www.ant.com/web/{searchTerms}/
IE - HKU\S-1-5-21-1078081533-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledAddons: %7B6e764c17-863a-450f-bdd0-6772bd5aaa18%7D:1.0.3
FF - prefs.js..extensions.enabledAddons: anttoolbar%40ant.com:2.4.7.6
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {6e764c17-863a-450f-bdd0-6772bd5aaa18}:1.0.3
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:2.3.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Wayne\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Documents and Settings\Wayne\Application Data\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Wayne\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Wayne\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Wayne\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/09 13:20:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/09 13:19:48 | 000,000,000 | ---D | M]
[2009/02/16 09:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Extensions
[2013/03/16 13:39:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions
[2011/06/03 10:59:24 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/10/28 11:51:48 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(2)
[2009/04/15 16:55:47 | 000,000,000 | ---D | M] (Media Converter) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18}
[2011/02/19 11:17:50 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\anttoolbar@ant(2).com
[2013/03/01 15:58:21 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\[email protected]
[2013/03/16 13:39:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wayne\Application Data\Mozilla\Firefox\Profiles\1ic2y45k.default\extensions\staged
[2013/03/09 13:19:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/03/09 13:19:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2013/03/09 13:20:13 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/12/19 17:21:26 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll
[2012/11/18 12:32:15 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/07/08 16:26:58 | 000,003,803 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MyHeritage.xml
[2013/02/19 14:32:51 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com/
CHR - Extension: No name found = C:\Documents and Settings\Wayne\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbhgoadfgiandmaieopaphefbhcdpfaf\1.21.10_0\crossrider
CHR - Extension: No name found = C:\Documents and Settings\Wayne\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbhgoadfgiandmaieopaphefbhcdpfaf\1.21.10_0\
Hosts file not found
O2 - BHO: (Ant.com browser helper (video detector)) - {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} - C:\Program Files\Ant.com\IE add-on\Download.dll (Ant.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Ant.com Video Downloader toolbar) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
O3 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\..\Toolbar\WebBrowser: (Ant.com Video Downloader toolbar) - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1078081533-448539723-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Download videos by Ant.com - {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - C:\Program Files\Ant.com\IE add-on\Download.dll (Ant.com)
O9 - Extra Button: Download with YouTube Clip Extractor - {acf57469-0757-4073-92f4-e7c278f359c9} - C:\Program Files\YouTube Clip Extractor\ClipExtractor.exe File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: CabBuilder http://kiw.imgag.com...llerControl.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{44224713-5C34-4DF0-BA99-FC38D7806FDA}: NameServer = 142.166.145.137 142.177.2.130
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/14 12:31:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/03/15 12:43:53 | 000,760,335 | ---- | C] (Farbar) -- C:\Documents and Settings\Wayne\Desktop\MiniToolBox.exe
[2013/03/13 13:49:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/03/12 18:42:36 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Wayne\Desktop\aswMBR.exe
[2013/03/12 18:22:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Wayne\Desktop\OTL.exe
[2013/03/10 23:17:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Wayne\Recent
[2013/03/09 13:19:40 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
========== Files - Modified Within 30 Days ==========
[2013/03/16 15:28:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/03/16 15:01:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/16 14:44:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-448539723-725345543-1003UA.job
[2013/03/16 13:10:21 | 000,189,518 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013/03/16 13:05:39 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/16 13:05:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/03/15 14:38:03 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2013/03/15 14:37:28 | 000,002,517 | ---- | M] () -- C:\Documents and Settings\Wayne\Desktop\Ledger.lnk
[2013/03/15 12:46:11 | 000,760,335 | ---- | M] (Farbar) -- C:\Documents and Settings\Wayne\Desktop\MiniToolBox.exe
[2013/03/14 21:44:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-448539723-725345543-1003Core.job
[2013/03/13 09:25:53 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/03/12 18:58:36 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Wayne\Desktop\aswMBR.exe
[2013/03/12 18:25:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Wayne\Desktop\OTL.exe
[2013/03/08 12:37:22 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Wayne\Desktop\Microsoft Office Word 2003.lnk
[2013/03/06 07:29:57 | 000,245,512 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/24 13:45:18 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/02/24 12:46:47 | 000,000,128 | ---- | M] () -- C:\Documents and Settings\Wayne\default.pls
========== Files Created - No Company Name ==========
[2012/09/29 09:21:33 | 000,102,400 | RHS- | C] () -- C:\WINDOWS\System32\cards8.dll
[2012/04/05 14:45:11 | 000,000,353 | ---- | C] () -- C:\WINDOWS\MyHeritage.INI
[2012/04/05 14:41:39 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2011/11/21 07:16:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2010/01/24 22:13:49 | 000,000,624 | ---- | C] () -- C:\Documents and Settings\Wayne\Application Data\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml
[2009/01/23 18:23:35 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Wayne\default.pls
[2009/01/15 22:14:45 | 000,237,056 | ---- | C] () -- C:\Documents and Settings\Wayne\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/14 12:36:15 | 010,747,904 | ---- | C] () -- C:\Documents and Settings\Wayne\NTUSER.bak
========== ZeroAccess Check ==========
[2009/01/15 16:57:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008/04/14 05:41:54 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
#44
Posted 16 March 2013 - 01:26 PM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Could you disable your ant toolbar please
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
