[featman]

Hi,

For the most part, this older HP Pavilion dv6130us Media Center Notebook PC seems OK. Of late, I'm getting adware and pop ups that are disruptive.
Another issue is problems when I leave any programs "open" and minimized in the bottom tray. If an hour goes by, and then I click on a program "re-open" it, I get a "program not responding error". At which point, I usually have to shut down and restart again.

I've attached the OTL Log text. I'm very appreciative of any fixes you can offer.

Ruchard

OTL logfile created on: 5/25/2013 11:05:30 AM - Run 5
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Richard\Desktop\rarely used\Geeks Stuff April 2012
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.98 Mb Total Physical Memory | 706.86 Mb Available Physical Memory | 69.71% Memory free
2.38 Gb Paging File | 1.70 Gb Available in Paging File | 71.38% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 99.09 Gb Total Space | 28.78 Gb Free Space | 29.05% Space Free | Partition Type: NTFS
Drive D: | 11.67 Gb Total Space | 1.39 Gb Free Space | 11.88% Space Free | Partition Type: FAT32
Drive F: | 1.86 Gb Total Space | 0.73 Gb Free Space | 39.35% Space Free | Partition Type: FAT

Computer Name: PC785018295244 | User Name: Richard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/11 09:28:40 | 000,181,312 | ---- | M] () -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe
PRC - [2013/05/09 07:04:52 | 000,020,248 | ---- | M] (Smartbar) -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\QuickShare.exe
PRC - [2013/05/09 04:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/03/22 10:09:37 | 002,787,280 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
PRC - [2013/03/12 03:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Richard\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2013/01/24 11:45:24 | 000,188,760 | ---- | M] () -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
PRC - [2012/03/31 16:22:14 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Richard\Desktop\rarely used\Geeks Stuff April 2012\OTL.exe
PRC - [2010/07/01 10:38:26 | 000,083,512 | ---- | M] (ArcSoft, Inc.) -- C:\Documents and Settings\Richard\Application Data\HP SimpleSave Application\uUACTokenSvc.exe
PRC - [2009/10/23 20:34:36 | 000,827,904 | ---- | M] () -- C:\Program Files\dvd43\DVD43_Tray.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/09/28 05:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/25 04:02:07 | 002,085,888 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13052500\algo.dll
MOD - [2013/05/20 07:31:58 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\17440cd05eee7f87026b3c17119eed58\System.Configuration.ni.dll
MOD - [2013/05/20 07:08:53 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\81b85db6e9fe04e4d1c9547b993acfce\System.Windows.Forms.ni.dll
MOD - [2013/05/20 06:50:03 | 000,069,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2013/05/11 09:28:40 | 000,181,312 | ---- | M] () -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe
MOD - [2013/05/11 08:42:57 | 000,145,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll
MOD - [2013/05/09 07:05:44 | 000,021,272 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.Utilities.dll
MOD - [2013/05/09 07:05:32 | 000,025,368 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
MOD - [2013/05/09 07:05:30 | 000,019,736 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.SideBySide.dll
MOD - [2013/05/09 07:05:24 | 000,013,592 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll
MOD - [2013/05/09 07:05:22 | 000,051,480 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
MOD - [2013/05/09 07:05:20 | 000,111,896 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
MOD - [2013/05/09 07:05:12 | 000,044,312 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll
MOD - [2013/05/09 07:05:06 | 000,078,104 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll
MOD - [2013/05/09 07:05:06 | 000,016,152 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\Smartbar.Personalization.Common.dll
MOD - [2013/05/09 07:05:02 | 000,057,112 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
MOD - [2013/05/09 07:05:02 | 000,018,712 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
MOD - [2013/05/09 07:04:58 | 000,032,024 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.Core.dll
MOD - [2013/05/09 07:04:58 | 000,012,568 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll
MOD - [2013/05/09 07:04:56 | 000,014,104 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll
MOD - [2013/05/09 07:04:56 | 000,013,592 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
MOD - [2013/05/09 07:04:54 | 001,703,704 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\Smartbar.GUI.MainClient.dll
MOD - [2013/05/09 07:04:54 | 000,081,176 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\Smartbar.GUI.Docking.dll
MOD - [2013/05/09 07:04:52 | 000,662,296 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\Smartbar.GUI.Controls.dll
MOD - [2013/05/09 07:03:54 | 000,047,384 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\MACTrackBarLib.dll
MOD - [2013/03/22 10:09:37 | 002,787,280 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
MOD - [2013/03/22 10:08:36 | 002,520,016 | ---- | M] () -- c:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll
MOD - [2013/02/13 07:56:52 | 001,840,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\8a0eba3c8f881dd718ab4d1bb5118f15\System.Web.Services.ni.dll
MOD - [2013/02/13 07:56:21 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e143370f0583abe015d8e3d2d536185e\System.Web.ni.dll
MOD - [2013/01/24 11:45:24 | 000,188,760 | ---- | M] () -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
MOD - [2013/01/11 17:14:57 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\1a6f9e23985e3159e6dd9827fd81c2fd\System.Management.ni.dll
MOD - [2013/01/11 17:13:33 | 000,220,672 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\3283b562a391db4f3f6dcee754de15a8\CustomMarshalers.ni.dll
MOD - [2013/01/11 16:49:15 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll
MOD - [2013/01/11 16:48:54 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll
MOD - [2013/01/11 16:47:03 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
MOD - [2013/01/11 16:46:43 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
MOD - [2013/01/02 02:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2009/10/23 20:34:36 | 000,827,904 | ---- | M] () -- C:\Program Files\dvd43\DVD43_Tray.exe
MOD - [2008/04/13 20:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 20:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/06/29 14:47:38 | 008,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2013/05/23 20:51:07 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/16 20:24:01 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/11 09:28:40 | 000,181,312 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe -- (ScsiAccess)
SRV - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/03/22 10:09:37 | 002,787,280 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2013/01/24 11:45:24 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe -- (Updater By SweetPacks)
SRV - [2012/08/03 16:22:18 | 000,352,248 | ---- | M] (Verizon) [Auto | Stopped] -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010/07/01 10:38:26 | 000,083,512 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Documents and Settings\Richard\Application Data\HP SimpleSave Application\uUACTokenSvc.exe -- (BackupService)
SRV - [2006/09/28 05:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/06/12 16:27:28 | 000,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\notcable.sys -- (notecable) NoteCable Driver (WDM)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Combo-Fix\catchme.sys -- (catchme)
DRV - [2013/05/09 04:59:10 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/05/09 04:59:10 | 000,368,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/05/09 04:59:10 | 000,174,664 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/09 04:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 04:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 04:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 04:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/05/09 04:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/03/04 17:30:14 | 000,709,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2008/05/08 10:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)
DRV - [2008/04/13 14:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/04/13 14:39:44 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2007/11/23 18:41:27 | 000,043,672 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2007/06/08 00:05:42 | 000,230,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dmdcap.sys -- (U6000ALL) HDTV110 TV Box(ALL)
DRV - [2007/02/06 16:05:14 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)
DRV - [2006/11/10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/07/31 08:44:00 | 000,580,992 | ---- | M] (Omnivision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ov550i.sys -- (APL531)
DRV - [2006/06/06 16:39:56 | 000,061,952 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\5U870CAP.sys -- (5U870CAP_VID_1262&PID_25FD)
DRV - [2006/06/02 11:02:36 | 000,572,928 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2006/05/12 16:05:02 | 000,057,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/04/21 13:06:24 | 001,429,632 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2006/04/20 12:03:20 | 000,995,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/04/20 12:02:40 | 000,208,000 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/04/20 12:02:36 | 000,727,296 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/12/22 13:02:22 | 000,051,840 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/11/16 16:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/11/01 14:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/09/19 17:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2005/09/19 17:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005/09/19 17:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2004/09/22 18:41:00 | 000,020,608 | ---- | M] (Empia Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emaudio.sys -- (emAudio)
DRV - [2004/09/22 10:42:12 | 000,079,563 | R--- | M] (eMPIA Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2004/09/21 15:52:54 | 000,110,653 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2004/09/21 15:52:44 | 000,004,857 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2004/08/04 02:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...5-0018DEA39B54}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...5-0018DEA39B54}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...5-0018DEA39B54}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL Search\AOLSearch.dll (America Online, Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{48B89D11-9BFC-4F19-932C-3913CB059DF0}: "URL" = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...=utf-8&fr=b1ie7
IE - HKCU\..\SearchScopes\{B1B26277-3AD2-4E2E-9586-EEB72AF97846}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...5-0018DEA39B54}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;*.local;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Delta Search"
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.startup.homepage: "http://www.delta-sea...D0C83A35C32C06"
FF - prefs.js..extensions.enabledItems: {15840255-aa35-43f6-8a87-7ff8ecbf746b}:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.9.8.3
FF - prefs.js..extensions.enabledItems: [email protected]:7.0.1426
FF - prefs.js..keyword.URL: "http://start.sweetpa...18DEA39B54}&q="
FF - prefs.js..browser.startup.homepage: "http://www.delta-sea...D0C83A35C32C06"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/Acrobat,version=5.1: C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/05/22 08:39:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox [2013/05/11 08:43:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/23 20:51:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/20 06:31:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2010/12/08 14:01:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2013/05/20 06:31:15 | 000,000,000 | ---D | M]

[2011/01/08 13:55:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Richard\Application Data\Mozilla\Extensions
[2013/05/11 08:43:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\extensions
[2013/05/11 08:41:19 | 000,000,000 | ---D | M] (TopArcadeHits) -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3}
[2013/05/11 08:43:58 | 000,000,000 | ---D | M] ("QuickShare Widget") -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\extensions\{15840255-aa35-43f6-8a87-7ff8ecbf746b}
[2011/03/12 13:59:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013/03/09 14:07:27 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\extensions\[email protected]
[2013/05/03 18:21:29 | 000,006,515 | ---- | M] () -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\searchplugins\babylon.xml
[2013/05/03 18:21:29 | 000,006,515 | ---- | M] () -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\searchplugins\BrowserProtect.xml
[2013/03/09 14:07:37 | 000,001,294 | ---- | M] () -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\searchplugins\delta.xml
[2013/05/11 08:44:14 | 000,001,720 | ---- | M] () -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\searchplugins\sweetim.xml
[2013/05/24 08:13:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\Extensions
[2013/05/23 20:51:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/23 20:51:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\RICHARD\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\F58CESR8.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\RICHARD\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\F58CESR8.DEFAULT\EXTENSIONS\[email protected]
[2013/05/22 08:39:11 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2013/05/11 08:43:36 | 000,000,000 | ---D | M] (Updater By SweetPacks) -- C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
[2013/03/09 14:07:02 | 000,006,512 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml

========== Chrome ==========

CHR - Extension: No name found = C:\Documents and Settings\Richard\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Updater By SweetPacks = C:\Documents and Settings\Richard\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.566_0\
CHR - Extension: No name found = C:\Documents and Settings\Richard\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpdgdlcjhlbaphcjmagicjhhgfnkiihp\1.0.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Richard\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1\

O1 HOSTS File: ([2012/04/12 17:50:21 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O2 - BHO: (AOLSearchHook Class) - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL Search\AOLSearch.dll (America Online, Inc.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (TopArcadeHits Games) - {A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} - C:\Documents and Settings\Richard\Local Settings\Application Data\TopArcadeHits\Toparcadehits.dll ()
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension32.dll ()
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\QuickShare.exe (Smartbar)
O4 - Startup: C:\Documents and Settings\Richard\Start Menu\Programs\StartUp\Dropbox.lnk = C:\Documents and Settings\Richard\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_11.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} https://wimpro.cce.h...ads/sysinfo.cab (SysData Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterf...ds/Uploader.cab (Shutterfly Picture Upload Plugin)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} http://www.photodex.com/pxplay.cab (Photodex Presenter AX control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F2E6A3D-7616-4A97-9D0C-012DD79FB695}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\docume~1\alluse~1\applic~1\browse~1\261249~1.132\{c16c1~1\browse~1.dll) - c:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2013/05/22 16:59:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Richard\Recent
[2013/05/22 16:49:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\My Documents\Mom Stuff
[2013/05/20 13:11:37 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2013/05/11 09:24:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RealNetworks
[2013/05/11 08:56:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Application Data\RealNetworks
[2013/05/11 08:51:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Optimizer Pro
[2013/05/11 08:43:34 | 000,000,000 | ---D | C] -- C:\Program Files\Updater By SweetPacks
[2013/05/11 08:42:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar
[2013/05/11 08:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Start Menu\Programs\TopArcadeHits
[2013/05/11 08:41:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Local Settings\Application Data\TopArcadeHits
[2013/05/09 19:13:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Photodex

========== Files - Modified Within 30 Days ==========

File not found -- C:\Documents and Settings\Richard\Desktop\CAQ3GX69.
[2013/05/25 10:41:01 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2013/05/24 20:39:00 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/05/24 20:20:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/05/24 18:59:21 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\TopArcadeHits.job
[2013/05/24 08:34:53 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1822776557-255028557-411053859-1005.job
[2013/05/24 08:34:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/05/23 20:57:30 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Richard\Desktop\Microsoft Office Word 2003.lnk
[2013/05/23 15:21:11 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/05/22 15:09:37 | 001,753,367 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\IntelliFax_775_EN_86.PDF
[2013/05/22 08:39:18 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/05/21 13:47:41 | 000,407,012 | ---- | M] () -- C:\Documents and Settings\Richard\Desktop\NYC_Cooling_Season_Guidelines_2013.pdf
[2013/05/20 23:51:28 | 011,105,424 | ---- | M] () -- C:\QDATA22.QDF
[2013/05/20 23:51:28 | 000,029,696 | ---- | M] () -- C:\QDATA22.QEL
[2013/05/20 23:50:42 | 001,396,440 | ---- | M] () -- C:\QDATA22.IDX
[2013/05/20 07:20:08 | 000,000,172 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\cc_20130520_071958.reg
[2013/05/20 07:19:26 | 000,009,114 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\cc_20130520_071916.reg
[2013/05/20 07:18:15 | 000,479,566 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\cc_20130520_071747.reg
[2013/05/20 07:10:55 | 000,356,952 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/05/20 06:51:04 | 000,530,254 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/05/20 06:51:04 | 000,098,050 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/05/16 20:23:58 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/05/16 20:23:57 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/05/11 09:29:02 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ProShow Gold.lnk
[2013/05/11 09:03:09 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1822776557-255028557-411053859-1005.job
[2013/05/09 04:59:10 | 000,765,736 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/05/09 04:59:10 | 000,368,944 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/05/09 04:59:10 | 000,174,664 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/05/09 04:59:10 | 000,056,080 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/05/09 04:59:10 | 000,049,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/05/09 04:59:09 | 000,066,336 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/05/09 04:59:09 | 000,049,760 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/05/09 04:59:08 | 000,029,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/05/09 04:58:37 | 000,041,664 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/05/09 04:58:28 | 000,229,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/05/03 17:33:57 | 000,079,292 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat

========== Files Created - No Company Name ==========

File not found -- C:\Documents and Settings\Richard\Desktop\CAQ3GX69.
[2013/05/22 15:09:32 | 001,753,367 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\IntelliFax_775_EN_86.PDF
[2013/05/21 13:47:38 | 000,407,012 | ---- | C] () -- C:\Documents and Settings\Richard\Desktop\NYC_Cooling_Season_Guidelines_2013.pdf
[2013/05/20 07:20:02 | 000,000,172 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\cc_20130520_071958.reg
[2013/05/20 07:19:19 | 000,009,114 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\cc_20130520_071916.reg
[2013/05/20 07:17:54 | 000,479,566 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\cc_20130520_071747.reg
[2013/05/11 09:29:01 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ProShow Gold.lnk
[2013/05/11 08:56:15 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1822776557-255028557-411053859-1005.job
[2013/05/11 08:56:13 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1822776557-255028557-411053859-1005.job
[2013/05/11 08:41:15 | 000,000,342 | ---- | C] () -- C:\WINDOWS\tasks\TopArcadeHits.job
[2013/04/19 19:40:46 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Richard\Application Data\inst.exe
[2013/03/15 18:26:09 | 000,174,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/03/15 18:26:08 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2012/11/11 10:29:19 | 000,300,230 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/04/07 19:26:01 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/04/07 19:26:01 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/04/07 19:26:01 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/04/07 19:26:01 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/04/07 19:26:01 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/03/21 21:01:47 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2012/03/21 21:01:47 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\drivers\RaCoInst.dat
[2012/02/17 04:20:34 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/09/08 16:17:26 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

< End of report >

Attached Files

•  OTL.Txt   87.64KB   57 downloads

[Advertisements]

Hi there lets see if we can give you your computer back

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  

:OTL
SRV - [2013/03/22 10:09:37 | 002,787,280 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2013/01/24 11:45:24 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe -- (Updater By SweetPacks)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...5-0018DEA39B54}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...5-0018DEA39B54}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...5-0018DEA39B54}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...5-0018DEA39B54}
FF - prefs.js..browser.search.order.1: "Delta Search"
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.startup.homepage: "http://www.delta-search.com/?affID=121107&tt=070313_9111gen&babsrc=HP_ss&mntrId=31D0C83A35C32C06"
FF - prefs.js..extensions.enabledItems: {15840255-aa35-43f6-8a87-7ff8ecbf746b}:1.0
FF - prefs.js..keyword.URL: "http://start.sweetpacks.com/?src=2&st=12&crg=3.5000006.10045&barid={47710DA5-BA38-11E2-BFF5-0018DEA39B54}&q="
FF - prefs.js..browser.startup.homepage: "http://www.delta-search.com/?affID=121107&tt=070313_9111gen&babsrc=HP_ss&mntrId=31D0C83A35C32C06"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox [2013/05/11 08:43:36 | 000,000,000 | ---D | M]
[2013/05/11 08:41:19 | 000,000,000 | ---D | M] (TopArcadeHits) -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3}
[2013/05/11 08:43:58 | 000,000,000 | ---D | M] ("QuickShare Widget") -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\extensions\{15840255-aa35-43f6-8a87-7ff8ecbf746b}
[2013/03/09 14:07:27 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\extensions\[email protected]
[2013/05/03 18:21:29 | 000,006,515 | ---- | M] () -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\searchplugins\babylon.xml
[2013/05/03 18:21:29 | 000,006,515 | ---- | M] () -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\searchplugins\BrowserProtect.xml
[2013/03/09 14:07:37 | 000,001,294 | ---- | M] () -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\searchplugins\delta.xml
[2013/05/11 08:44:14 | 000,001,720 | ---- | M] () -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\searchplugins\sweetim.xml
[2013/05/11 08:43:36 | 000,000,000 | ---D | M] (Updater By SweetPacks) -- C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
[2013/03/09 14:07:02 | 000,006,512 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
O2 - BHO: (TopArcadeHits Games) - {A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} - C:\Documents and Settings\Richard\Local Settings\Application Data\TopArcadeHits\Toparcadehits.dll ()
O2 - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension32.dll ()
O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\QuickShare.exe (Smartbar)
O20 - AppInit_DLLs: (c:\docume~1\alluse~1\applic~1\browse~1\261249~1.132\{c16c1~1\browse~1.dll) - c:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
[2013/05/11 08:51:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Optimizer Pro
[2013/05/11 08:43:34 | 000,000,000 | ---D | C] -- C:\Program Files\Updater By SweetPacks
[2013/05/11 08:42:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar
[2013/05/11 08:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Start Menu\Programs\TopArcadeHits
[2013/05/11 08:41:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Local Settings\Application Data\TopArcadeHits
[2013/05/24 18:59:21 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\TopArcadeHits.job
[2013/04/19 19:40:46 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Richard\Application Data\inst.exe

:Files
C:\Documents and Settings\All Users\Application Data\BrowserProtect

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN


Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete



Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that

[Essexboy]

Hi there lets see if we can give you your computer back

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  

:OTL
SRV - [2013/03/22 10:09:37 | 002,787,280 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2013/01/24 11:45:24 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe -- (Updater By SweetPacks)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...5-0018DEA39B54}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...5-0018DEA39B54}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...5-0018DEA39B54}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...5-0018DEA39B54}
FF - prefs.js..browser.search.order.1: "Delta Search"
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.startup.homepage: "http://www.delta-search.com/?affID=121107&tt=070313_9111gen&babsrc=HP_ss&mntrId=31D0C83A35C32C06"
FF - prefs.js..extensions.enabledItems: {15840255-aa35-43f6-8a87-7ff8ecbf746b}:1.0
FF - prefs.js..keyword.URL: "http://start.sweetpacks.com/?src=2&st=12&crg=3.5000006.10045&barid={47710DA5-BA38-11E2-BFF5-0018DEA39B54}&q="
FF - prefs.js..browser.startup.homepage: "http://www.delta-search.com/?affID=121107&tt=070313_9111gen&babsrc=HP_ss&mntrId=31D0C83A35C32C06"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox [2013/05/11 08:43:36 | 000,000,000 | ---D | M]
[2013/05/11 08:41:19 | 000,000,000 | ---D | M] (TopArcadeHits) -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3}
[2013/05/11 08:43:58 | 000,000,000 | ---D | M] ("QuickShare Widget") -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\extensions\{15840255-aa35-43f6-8a87-7ff8ecbf746b}
[2013/03/09 14:07:27 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\extensions\[email protected]
[2013/05/03 18:21:29 | 000,006,515 | ---- | M] () -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\searchplugins\babylon.xml
[2013/05/03 18:21:29 | 000,006,515 | ---- | M] () -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\searchplugins\BrowserProtect.xml
[2013/03/09 14:07:37 | 000,001,294 | ---- | M] () -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\searchplugins\delta.xml
[2013/05/11 08:44:14 | 000,001,720 | ---- | M] () -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\searchplugins\sweetim.xml
[2013/05/11 08:43:36 | 000,000,000 | ---D | M] (Updater By SweetPacks) -- C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
[2013/03/09 14:07:02 | 000,006,512 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
O2 - BHO: (TopArcadeHits Games) - {A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} - C:\Documents and Settings\Richard\Local Settings\Application Data\TopArcadeHits\Toparcadehits.dll ()
O2 - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension32.dll ()
O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar\Application\QuickShare.exe (Smartbar)
O20 - AppInit_DLLs: (c:\docume~1\alluse~1\applic~1\browse~1\261249~1.132\{c16c1~1\browse~1.dll) - c:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
[2013/05/11 08:51:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Optimizer Pro
[2013/05/11 08:43:34 | 000,000,000 | ---D | C] -- C:\Program Files\Updater By SweetPacks
[2013/05/11 08:42:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Local Settings\Application Data\Smartbar
[2013/05/11 08:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Start Menu\Programs\TopArcadeHits
[2013/05/11 08:41:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Local Settings\Application Data\TopArcadeHits
[2013/05/24 18:59:21 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\TopArcadeHits.job
[2013/04/19 19:40:46 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Richard\Application Data\inst.exe

:Files
C:\Documents and Settings\All Users\Application Data\BrowserProtect

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN


Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete



Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that

[featman]

Hi, Hope I did as instructed.
Thanks,Richard

OTL logfile created on: 5/25/2013 2:25:24 PM - Run 6
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Richard\Desktop\rarely used\Geeks Stuff April 2012
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.98 Mb Total Physical Memory | 58.30 Mb Available Physical Memory | 5.75% Memory free
2.38 Gb Paging File | 1.41 Gb Available in Paging File | 59.16% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 99.09 Gb Total Space | 29.34 Gb Free Space | 29.61% Space Free | Partition Type: NTFS
Drive D: | 11.67 Gb Total Space | 1.39 Gb Free Space | 11.88% Space Free | Partition Type: FAT32
Unable to calculate disk information.
Drive F: | 1.86 Gb Total Space | 0.73 Gb Free Space | 39.35% Space Free | Partition Type: FAT

Computer Name: PC785018295244 | User Name: Richard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/23 20:51:08 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/05/11 09:28:40 | 000,181,312 | ---- | M] () -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe
PRC - [2013/05/09 04:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/03/12 03:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Richard\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2012/08/03 16:22:18 | 000,352,248 | ---- | M] (Verizon) -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
PRC - [2012/03/31 16:22:14 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Richard\Desktop\rarely used\Geeks Stuff April 2012\OTL.exe
PRC - [2010/07/01 10:38:26 | 000,083,512 | ---- | M] (ArcSoft, Inc.) -- C:\Documents and Settings\Richard\Application Data\HP SimpleSave Application\uUACTokenSvc.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/09/28 05:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/25 04:02:07 | 002,085,888 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13052500\algo.dll
MOD - [2013/05/23 20:51:06 | 003,128,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/05/20 07:31:58 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\17440cd05eee7f87026b3c17119eed58\System.Configuration.ni.dll
MOD - [2013/05/16 20:23:56 | 016,033,160 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll
MOD - [2013/05/11 09:28:40 | 000,181,312 | ---- | M] () -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe
MOD - [2013/03/22 10:08:36 | 002,520,016 | ---- | M] () -- c:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll
MOD - [2013/02/13 07:56:02 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll
MOD - [2013/01/11 16:49:15 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll
MOD - [2013/01/11 16:47:03 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
MOD - [2013/01/11 16:46:43 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
MOD - [2013/01/02 02:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2008/04/13 20:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 20:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2013/05/23 20:51:07 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/16 20:24:01 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/11 09:28:40 | 000,181,312 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe -- (ScsiAccess)
SRV - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/08/03 16:22:18 | 000,352,248 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010/07/01 10:38:26 | 000,083,512 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Documents and Settings\Richard\Application Data\HP SimpleSave Application\uUACTokenSvc.exe -- (BackupService)
SRV - [2006/09/28 05:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/06/12 16:27:28 | 000,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\notcable.sys -- (notecable) NoteCable Driver (WDM)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Combo-Fix\catchme.sys -- (catchme)
DRV - [2013/05/09 04:59:10 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/05/09 04:59:10 | 000,368,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/05/09 04:59:10 | 000,174,664 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/09 04:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 04:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 04:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 04:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/05/09 04:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/03/04 17:30:14 | 000,709,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2008/05/08 10:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)
DRV - [2008/04/13 14:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/04/13 14:39:44 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2007/11/23 18:41:27 | 000,043,672 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2007/06/08 00:05:42 | 000,230,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dmdcap.sys -- (U6000ALL) HDTV110 TV Box(ALL)
DRV - [2007/02/06 16:05:14 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)
DRV - [2006/11/10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/07/31 08:44:00 | 000,580,992 | ---- | M] (Omnivision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ov550i.sys -- (APL531)
DRV - [2006/06/06 16:39:56 | 000,061,952 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\5U870CAP.sys -- (5U870CAP_VID_1262&PID_25FD)
DRV - [2006/06/02 11:02:36 | 000,572,928 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2006/05/12 16:05:02 | 000,057,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/04/21 13:06:24 | 001,429,632 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2006/04/20 12:03:20 | 000,995,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/04/20 12:02:40 | 000,208,000 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/04/20 12:02:36 | 000,727,296 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/12/22 13:02:22 | 000,051,840 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/11/16 16:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/11/01 14:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/09/19 17:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2005/09/19 17:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005/09/19 17:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2004/09/22 18:41:00 | 000,020,608 | ---- | M] (Empia Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emaudio.sys -- (emAudio)
DRV - [2004/09/22 10:42:12 | 000,079,563 | R--- | M] (eMPIA Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2004/09/21 15:52:54 | 000,110,653 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2004/09/21 15:52:44 | 000,004,857 | R--- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2004/08/04 02:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL Search\AOLSearch.dll (America Online, Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{48B89D11-9BFC-4F19-932C-3913CB059DF0}: "URL" = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...=utf-8&fr=b1ie7
IE - HKCU\..\SearchScopes\{B1B26277-3AD2-4E2E-9586-EEB72AF97846}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;*.local;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/Acrobat,version=5.1: C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/05/22 08:39:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/23 20:51:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/20 06:31:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2010/12/08 14:01:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2013/05/20 06:31:15 | 000,000,000 | ---D | M]

[2011/01/08 13:55:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Richard\Application Data\Mozilla\Extensions
[2013/05/25 14:01:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\extensions
[2011/03/12 13:59:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013/05/03 18:21:29 | 000,006,515 | ---- | M] () -- C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\f58cesr8.default\searchplugins\babylon.xml
[2013/05/24 08:13:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\Extensions
[2013/05/23 20:51:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/23 20:51:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/05/11 08:41:19 | 000,000,000 | ---D | M] (TopArcadeHits) -- C:\DOCUMENTS AND SETTINGS\RICHARD\APPLICATION DATA\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\RICHARD\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\F58CESR8.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\RICHARD\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\F58CESR8.DEFAULT\EXTENSIONS\[email protected]
[2013/05/22 08:39:11 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2013/03/09 14:07:02 | 000,006,512 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml

========== Chrome ==========

CHR - Extension: No name found = C:\Documents and Settings\Richard\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Updater By SweetPacks = C:\Documents and Settings\Richard\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.566_0\
CHR - Extension: No name found = C:\Documents and Settings\Richard\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpdgdlcjhlbaphcjmagicjhhgfnkiihp\1.0.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Richard\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1\

O1 HOSTS File: ([2013/05/25 14:01:58 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O2 - BHO: (AOLSearchHook Class) - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL Search\AOLSearch.dll (America Online, Inc.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - Startup: C:\Documents and Settings\Richard\Start Menu\Programs\StartUp\Dropbox.lnk = C:\Documents and Settings\Richard\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_11.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} https://wimpro.cce.h...ads/sysinfo.cab (SysData Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterf...ds/Uploader.cab (Shutterfly Picture Upload Plugin)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} http://www.photodex.com/pxplay.cab (Photodex Presenter AX control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F2E6A3D-7616-4A97-9D0C-012DD79FB695}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\docume~1\alluse~1\applic~1\browse~1\261249~1.132\{c16c1~1\browse~1.dll) - c:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2013/05/25 14:08:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\BrowserProtect
[2013/05/22 16:59:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Richard\Recent
[2013/05/22 16:49:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\My Documents\Mom Stuff
[2013/05/11 09:24:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RealNetworks
[2013/05/11 08:56:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Application Data\RealNetworks
[2013/05/09 19:13:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Photodex

========== Files - Modified Within 30 Days ==========

File not found -- C:\Documents and Settings\Richard\Desktop\CAQ3GX69.
[2013/05/25 14:41:24 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2013/05/25 14:20:16 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/05/25 14:18:53 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/05/25 14:18:50 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1822776557-255028557-411053859-1005.job
[2013/05/25 14:18:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/05/25 14:01:58 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2013/05/23 20:57:30 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Richard\Desktop\Microsoft Office Word 2003.lnk
[2013/05/23 15:21:11 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/05/22 15:09:37 | 001,753,367 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\IntelliFax_775_EN_86.PDF
[2013/05/22 08:39:18 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/05/21 13:47:41 | 000,407,012 | ---- | M] () -- C:\Documents and Settings\Richard\Desktop\NYC_Cooling_Season_Guidelines_2013.pdf
[2013/05/20 23:51:28 | 011,105,424 | ---- | M] () -- C:\QDATA22.QDF
[2013/05/20 23:51:28 | 000,029,696 | ---- | M] () -- C:\QDATA22.QEL
[2013/05/20 23:50:42 | 001,396,440 | ---- | M] () -- C:\QDATA22.IDX
[2013/05/20 07:20:08 | 000,000,172 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\cc_20130520_071958.reg
[2013/05/20 07:19:26 | 000,009,114 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\cc_20130520_071916.reg
[2013/05/20 07:18:15 | 000,479,566 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\cc_20130520_071747.reg
[2013/05/20 07:10:55 | 000,356,952 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/05/20 06:51:04 | 000,530,254 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/05/20 06:51:04 | 000,098,050 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/05/11 09:29:02 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ProShow Gold.lnk
[2013/05/11 09:03:09 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1822776557-255028557-411053859-1005.job
[2013/05/09 04:59:10 | 000,765,736 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/05/09 04:59:10 | 000,368,944 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/05/09 04:59:10 | 000,174,664 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/05/09 04:59:10 | 000,056,080 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/05/09 04:59:10 | 000,049,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/05/09 04:59:09 | 000,066,336 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/05/09 04:59:09 | 000,049,760 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/05/09 04:59:08 | 000,029,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/05/09 04:58:37 | 000,041,664 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/05/09 04:58:28 | 000,229,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/05/03 17:33:57 | 000,079,292 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat

========== Files Created - No Company Name ==========

File not found -- C:\Documents and Settings\Richard\Desktop\CAQ3GX69.
[2013/05/22 15:09:32 | 001,753,367 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\IntelliFax_775_EN_86.PDF
[2013/05/21 13:47:38 | 000,407,012 | ---- | C] () -- C:\Documents and Settings\Richard\Desktop\NYC_Cooling_Season_Guidelines_2013.pdf
[2013/05/20 07:20:02 | 000,000,172 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\cc_20130520_071958.reg
[2013/05/20 07:19:19 | 000,009,114 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\cc_20130520_071916.reg
[2013/05/20 07:17:54 | 000,479,566 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\cc_20130520_071747.reg
[2013/05/11 09:29:01 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ProShow Gold.lnk
[2013/05/11 08:56:15 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1822776557-255028557-411053859-1005.job
[2013/05/11 08:56:13 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1822776557-255028557-411053859-1005.job
[2013/03/15 18:26:09 | 000,174,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/03/15 18:26:08 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2012/11/11 10:29:19 | 000,300,230 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/04/07 19:26:01 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/04/07 19:26:01 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/04/07 19:26:01 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/04/07 19:26:01 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/04/07 19:26:01 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/03/21 21:01:47 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2012/03/21 21:01:47 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\drivers\RaCoInst.dat
[2012/02/17 04:20:34 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/09/08 16:17:26 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

========== LOP Check ==========

[2013/03/09 14:37:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/05/25 10:35:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1Click DVD Copy
[2009/12/09 13:37:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1Click DVDTOIPOD
[2013/03/20 17:46:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\agi
[2012/06/13 19:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/03/09 14:06:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2013/05/20 07:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BrowserProtect
[2012/03/31 17:46:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2006/09/12 03:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2008/12/30 13:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2013/04/20 08:52:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freemake
[2012/06/20 22:33:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LGSI
[2011/07/08 19:42:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2008/10/20 17:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2013/05/11 08:50:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Photodex
[2011/06/18 18:32:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2008/12/30 13:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2012/04/11 16:43:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2013/04/19 19:41:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VSO
[2008/09/12 17:33:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2007/11/13 03:17:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2010/08/13 16:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WindSolutions
[2010/06/23 06:48:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/04 17:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2007/11/13 15:27:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\$CUERoot$
[2007/11/19 23:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\Acoustica
[2009/12/18 00:28:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\Amazon
[2013/03/09 14:06:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\Babylon
[2012/10/29 17:11:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\com.Shutterfly.ExpressUploader
[2013/03/20 20:40:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\CopyToDvd
[2009/12/11 21:52:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\CopyTransPhoto
[2013/03/09 14:07:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\Delta
[2013/05/25 14:21:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\Dropbox
[2012/11/02 18:04:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\Garmin
[2009/12/09 19:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\GetRightToGo
[2007/11/13 19:36:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\InterTrust
[2007/11/13 20:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\Leadertech
[2008/10/20 22:04:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\muvee Technologies
[2008/10/26 22:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\Netscape
[2008/12/30 12:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\Nikon
[2007/12/08 22:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\NoteCable
[2013/04/19 19:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\OpenCandy
[2008/10/26 22:40:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\Photodex
[2008/12/30 13:53:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\Skinux
[2011/02/25 01:22:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\Ulead Systems
[2013/04/19 19:51:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\Vso
[2010/08/13 16:54:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\WindSolutions
[2013/05/25 14:18:53 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2013/05/25 14:41:24 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job

========== Purity Check ==========



< End of report >

Attached Files

•  two forty OTL.Txt   80KB   52 downloads
•  AdwCleanerS1.txt   18.67KB   62 downloads

[Essexboy]

Has the performance improved at all ?

Please download Malwarebytes Anti-Malware to your desktop.

• Right-click and Run as Administrator mbam-setup.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform quick scan, then click Scan as shown below.
  
  
  
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, and click Remove Selected.
• When completed, a log will open in Notepad. Please save it to a convenient location and post the results.

The log can also be found here:

Windows 2000 & Windows XP:
C:\Documents and Settings\<USERNAME>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs

Windows Vista & Win7:
C:\Users\<USERNAME>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs
----------

[featman]

Until this last scan...somewhat better. Still got pop ups and a non responsive program. It's almost as if a minimized program is sleeping...and doesn't want to get up.
Thanks

Attached Files

•  mbam-log-2013-05-25 (20-50-47).txt   2.49KB   65 downloads

[Essexboy]

Could you now defragment the hard drive and reboot, let me know how it is behaving then

Defragment instructions

[featman]

Hi, Defragmented and Rebooted. PC responding better but still, when I click on a link, I get an unwanted popup.

Thanks and Happy Memorial Day

[Essexboy]

What kind of popup is this ? Is it in all browsers

[featman]

I use Mozilla Firefox. They seem to generated from there. op ups like "improve pc performance"

Seems like the removal tools missed something or maybe I have a browser toolbar I need to get rid of?

[Essexboy]

Nope we will run a slightly different toolbar type cleaner, as sometimes AdwCleaner may leave a bit behind

Please download Junkware Removal Tool to your desktop.

• Right-mouse click JRT.exe and select "Run as Administrator" the tool will open and start scanning your system
• please be patient as this can take a while to complete depending on your system's specifications
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• post the contents of JRT.txt into your next message.

[featman]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Microsoft Windows XP x86
Ran by Richard on Tue 05/28/2013 at 9:45:49.96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B1B26277-3AD2-4E2E-9586-EEB72AF97846}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\Richard\Application Data\mozilla\firefox\profiles\f58cesr8.default\invalidprefs.js
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Emptied folder: C:\Documents and Settings\Richard\Application Data\mozilla\firefox\profiles\f58cesr8.default\minidumps [4 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 05/28/2013 at 9:54:47.04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Essexboy]

OK that got the apparent remnants, have the ads ceased ? Also how is the computer behaving ?

[featman]

Hi,
Just got a pop up about some college. Otherwise performance does seem better

[Essexboy]

Does this happen on every page or just the occasional one

[featman]

haven't really put it to the test but I'd say....occasional