Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Akamaihd? [Solved]

Started by Rickles , Jul 25 2013 03:38 AM

  • This topic is locked This topic is locked

#1
Rickles
Posted 25 July 2013 - 03:38 AM

Rickles

    Member

  • Member
  • PipPipPip
  • 629 posts
Hi,

Using XP with all the latest updates.

I downloaded and installed Aktiv Download Manager from the December 2012 issue of Tech Life Australia.

It did not seem any better so I uninstalled it.

Now I am plagued with pop-ups and website redirects from Akamaihd?

I ran all the usual cleaners, CC, ATF-Cleaner etc. Gave TDSSKiller a run but it found nothing.

So I came here.

Ran OTL and attached.

Regards
  • 0

Advertisements

#2
Essexboy
Posted 25 July 2013 - 06:32 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you attach the log please, or post it :)
  • 0

#3
Rickles
Posted 25 July 2013 - 09:04 AM

Rickles

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 629 posts
Hi,
As requested:

OTL logfile created on: 26/07/2013 12:43:59 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\HP_Administrator\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

1015.23 Mb Total Physical Memory | 188.38 Mb Available Physical Memory | 18.56% Memory free
2.38 Gb Paging File | 1.65 Gb Available in Paging File | 69.37% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139.25 Gb Total Space | 120.02 Gb Free Space | 86.19% Space Free | Partition Type: NTFS
Drive D: | 9.78 Gb Total Space | 6.31 Gb Free Space | 64.55% Space Free | Partition Type: NTFS
Drive J: | 7.53 Gb Total Space | 3.51 Gb Free Space | 46.60% Space Free | Partition Type: FAT32

Computer Name: HAL | User Name: HP_Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/25 18:57:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads\OTL.exe
PRC - [2013/06/22 19:06:26 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/05/21 14:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe
PRC - [2013/05/21 14:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\ccsvchst.exe
PRC - [2012/10/11 04:29:14 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Management\Engine\3.2.0.19\ccSvcHst.exe
PRC - [2012/09/10 22:31:46 | 000,209,920 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Premium\OptimizerPro1\OptimizerPro1.exe
PRC - [2008/04/14 22:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 22:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2003/09/11 13:00:00 | 000,099,840 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_S4I3F2.EXE


========== Modules (No Company Name) ==========

MOD - [2012/09/10 22:31:46 | 000,209,920 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Premium\OptimizerPro1\OptimizerPro1.exe
MOD - [2012/05/31 00:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll
MOD - [2012/05/31 00:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\wincfi39.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/07/11 18:51:11 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/22 19:06:26 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/06/13 00:05:15 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/21 14:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe -- (NIS)
SRV - [2013/05/21 14:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe -- (NCO)
SRV - [2012/10/11 04:29:14 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Management\Engine\3.2.0.19\ccSvcHst.exe -- (MCLIENT)
SRV - [2012/09/20 16:42:59 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/09/20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2008/04/14 22:00:00 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2008/04/14 22:00:00 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)
SRV - [2006/03/23 17:06:38 | 000,880,128 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrvR)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\zghsnmea.sys -- (zghsnmea)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\zghsmdm.sys -- (zghsmdm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\zghsdiag.sys -- (zghsdiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/07/25 10:33:42 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130724.025\navex15.sys -- (NAVEX15)
DRV - [2013/07/25 10:33:42 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130724.025\naveng.sys -- (NAVENG)
DRV - [2013/06/29 10:01:09 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/06/29 10:01:09 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/06/18 17:29:17 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/06/01 02:58:19 | 001,002,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20130715.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/05/23 15:25:28 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\symefa.sys -- (SymEFA)
DRV - [2013/05/21 15:02:00 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\symds.sys -- (SymDS)
DRV - [2013/05/16 15:02:14 | 000,603,224 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\srtsp.sys -- (SRTSP)
DRV - [2013/04/25 10:43:56 | 000,396,760 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\symtdi.sys -- (SYMTDI)
DRV - [2013/04/16 12:41:14 | 000,134,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NST\7DD04000.00A\ccsetx86.sys -- (ccSet_NST)
DRV - [2013/04/16 12:41:14 | 000,134,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\ccsetx86.sys -- (ccSet_NIS)
DRV - [2013/03/05 11:39:19 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\ironx86.sys -- (SymIRON)
DRV - [2013/03/05 11:21:35 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\srtspx.sys -- (SRTSPX)
DRV - [2013/01/20 23:35:10 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20130724.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2012/10/04 03:19:14 | 000,134,304 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\MCLIENT\0302000.013\ccSetx86.sys -- (ccSet_MCLIENT)
DRV - [2012/01/05 09:01:54 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2011/07/13 13:39:10 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NBVol.sys -- (NBVol)
DRV - [2011/07/13 13:39:10 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NBVolUp.sys -- (NBVolUp)
DRV - [2010/02/11 22:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008/10/27 07:48:00 | 004,881,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/09/10 14:10:00 | 000,207,872 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWBS3.sys -- (HSFHWBS3)
DRV - [2008/09/10 14:09:54 | 000,731,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2008/09/10 14:09:52 | 000,985,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2008/08/07 21:14:56 | 000,111,360 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006/03/23 17:15:58 | 000,102,016 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2006/03/23 17:15:56 | 000,033,536 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2006/03/23 17:15:56 | 000,029,440 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2006/03/23 17:00:28 | 000,008,704 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [1997/03/12 22:57:58 | 000,025,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\DRIVERX.SYS -- (DriverX)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxap...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://www.tsninternet.com.au/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?...=OIE8HP&PC=B8DF
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.tsn.cc/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7E 17 76 6C 00 13 CD 01 [binary data]
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKCU\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://home.speedbit...q={searchTerms}
IE - HKCU\..\SearchScopes\{83977A08-51C9-49F4-8BAB-A4601F554B20}: "URL" = http://websearch.ask...29-37918749E8B3
IE - HKCU\..\SearchScopes\{8CD46B6B-E682-4D2A-A224-B4906D09F808}: "URL" = http://au.search.yah...p={searchTerms}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.se...ct=sb&qsrc=2869
IE - HKCU\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxap...q={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6PQK1zMCxu&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "SpeedBit Search"
FF - prefs.js..browser.search.defaulturl: "http://home.speedbit...spx?aff=115&q="
FF - prefs.js..browser.search.order.1: "SpeedBit Search"
FF - prefs.js..browser.search.selectedEngine: "SpeedBit Search"
FF - prefs.js..browser.startup.homepage: "http://home.tsn.cc/"
FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0
FF - prefs.js..extensions.enabledAddons: %7B33e0daa6-3af3-d8b5-6752-10e949c61516%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:11.4.0.6%20-%201
FF - prefs.js..extensions.enabledAddons: %7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:2013.4.1.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..keyword.URL: "http://home.speedbit...spx?aff=115&q="


FF - HKLM\Software\MozillaPlugins\@ei.WeatherBlink.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\Documents and Settings\All Users\Application Data\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.2.0.18\coFFPlgn\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\coFFPlgn\ [2013/07/26 00:39:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\IPSFFPlgn\ [2013/01/22 18:31:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/24 17:34:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\SingAlong\FF\

[2013/04/22 18:39:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions
[2013/07/25 17:43:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\mgafxp61.default\extensions
[2013/07/25 17:43:08 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\mgafxp61.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
[2013/06/27 17:03:37 | 000,002,534 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\mgafxp61.default\searchplugins\speedbit.xml
[2013/04/22 18:38:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/07/11 18:51:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/07/11 18:51:14 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/07/26 00:39:25 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\COFFPLGN
[2013/01/22 18:31:10 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\IPSFFPLGN
[2012/02/03 00:22:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

O1 HOSTS File: ([2008/04/14 22:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\HP_Administrator\Application Data\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DownloadHelper Class) - {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} - C:\Program Files\Common Files\Download Helper\DownloadHelper.dll (IE Download Helper)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EPSON Stylus Photo R310 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3F2.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2013/06/30 23:35:32 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2013/06/30 23:35:32 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 [2013/06/30 23:35:32 | 000,000,000 | ---D | M]
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download with AktivDownloadManager! - C:\Program Files\Aktiv Download Manager\aktivdownloadmanager.htm File not found
O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\HP_Administrator\Application Data\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files\ieSpell\Merriam Webster.HTM ()
O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files\ieSpell\wikipedia.HTM ()
O8 - Extra context menu item: Save video on Savevid.com - C:\Program Files\SavevidPlug-in\redirect.htm ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - Reg Error: Value error. File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (Reg Error: Key error.)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support....veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD92325D-038A-45BF-A896-DA038CC0C8DD}: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (c:\progra~1\sprote~1\sprote~1.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\TPSvc: DllName - (TPSvc.dll) - File not found
O24 - Desktop WallPaper: C:\WINDOWS\ACD Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\ACD Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/11/26 01:04:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/25 18:06:08 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Administrator\Recent
[2013/07/25 17:42:58 | 000,000,000 | ---D | C] -- C:\Program Files\Complitly
[2013/07/25 17:42:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Complitly
[2013/07/21 17:35:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/07/21 02:11:38 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/07/15 14:33:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013/07/13 20:26:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/07/11 17:02:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Ashampoo
[2013/07/11 17:00:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ashampoo
[2013/07/06 17:27:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2013/07/06 15:35:49 | 000,000,000 | ---D | C] -- C:\staging
[2013/06/30 17:55:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\EQATEC Analytics
[2013/06/28 17:10:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC User Video Toolkit 3
[2013/06/27 20:05:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Tibo Software
[2013/06/27 17:02:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2013/06/27 17:02:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeedBit
[2013/06/27 17:01:16 | 000,172,032 | ---- | C] (Jin Hui E-mail: [email protected] Web: http://www.jcomsoft.com) -- C:\WINDOWS\System32\AniGIF.ocx
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/07/26 00:50:00 | 000,000,906 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/26 00:44:00 | 000,000,390 | ---- | M] () -- C:\WINDOWS\tasks\Sing Along Update.job
[2013/07/26 00:39:01 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/26 00:39:01 | 000,000,586 | -H-- | M] () -- C:\WINDOWS\tasks\OptimizerPro1UpdaterTask{5337352D-E3BF-40D1-A99F-AA12C7DFA28A}.job
[2013/07/26 00:39:00 | 000,000,800 | ---- | M] () -- C:\WINDOWS\tasks\SBWUpdateTask_Logon_bc5fdc3a-06741D042CBF.job
[2013/07/26 00:38:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/07/26 00:04:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/07/26 00:04:00 | 000,000,800 | ---- | M] () -- C:\WINDOWS\tasks\SBWUpdateTask_Time_bc5fdc3a-06741D042CBF.job
[2013/07/25 15:15:38 | 001,733,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/07/24 18:54:00 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\AdvancedDriverUpdater_UPDATES.job
[2013/07/23 18:06:28 | 000,046,623 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Scale 1.jpg
[2013/07/22 01:40:23 | 000,025,157 | ---- | M] () -- C:\out.ini
[2013/07/18 22:21:39 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/07/13 20:40:28 | 000,496,962 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/07/13 20:40:28 | 000,085,446 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/07/11 20:20:34 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\dvdtest10024.dat
[2013/06/30 17:49:12 | 000,000,582 | ---- | M] () -- C:\WINDOWS\tasks\SBWUpdateTask_Time_bc5fdc3a-00237D4B8A41.job
[2013/06/30 17:49:11 | 000,000,582 | ---- | M] () -- C:\WINDOWS\tasks\SBWUpdateTask_Logon_bc5fdc3a-00237D4B8A41.job
[2013/06/27 19:54:58 | 001,572,114 | ---- | M] () -- C:\WINDOWS\ACD Wallpaper.bmp
[2013/06/27 17:01:16 | 000,172,032 | ---- | M] (Jin Hui E-mail: [email protected] Web: http://www.jcomsoft.com) -- C:\WINDOWS\System32\AniGIF.ocx
[2013/06/27 17:01:16 | 000,109,216 | ---- | M] () -- C:\WINDOWS\System32\EasyHook64.dll
[2013/06/27 17:01:16 | 000,084,480 | ---- | M] () -- C:\WINDOWS\System32\EasyHook32.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/07/23 18:06:26 | 000,046,623 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Scale 1.jpg
[2013/07/22 01:38:58 | 000,025,157 | ---- | C] () -- C:\out.ini
[2013/06/30 17:49:12 | 000,000,582 | ---- | C] () -- C:\WINDOWS\tasks\SBWUpdateTask_Time_bc5fdc3a-00237D4B8A41.job
[2013/06/30 17:49:10 | 000,000,582 | ---- | C] () -- C:\WINDOWS\tasks\SBWUpdateTask_Logon_bc5fdc3a-00237D4B8A41.job
[2013/06/27 17:03:38 | 000,000,800 | ---- | C] () -- C:\WINDOWS\tasks\SBWUpdateTask_Time_bc5fdc3a-06741D042CBF.job
[2013/06/27 17:03:37 | 000,000,800 | ---- | C] () -- C:\WINDOWS\tasks\SBWUpdateTask_Logon_bc5fdc3a-06741D042CBF.job
[2013/06/27 17:02:20 | 000,109,216 | ---- | C] () -- C:\WINDOWS\System32\EasyHook64.dll
[2013/06/27 17:02:20 | 000,084,480 | ---- | C] () -- C:\WINDOWS\System32\EasyHook32.dll
[2013/04/29 14:22:13 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/27 12:01:20 | 001,733,936 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/10/20 12:22:23 | 000,000,397 | ---- | C] () -- C:\WINDOWS\Geo.INI
[2012/09/17 13:21:01 | 000,000,201 | ---- | C] () -- C:\WINDOWS\KUDOVW32.INI
[2012/09/13 19:29:10 | 000,157,696 | R--- | C] () -- C:\WINDOWS\ttiuninstall.exe
[2012/09/09 19:35:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\dvdtest10024.dat
[2012/08/20 01:11:10 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012/05/17 22:38:29 | 003,286,621 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3591927661-3112361560-582597249-1006-0.dat
[2012/05/17 22:38:27 | 000,437,722 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/04/21 16:46:46 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012/04/16 15:54:00 | 000,000,566 | ---- | C] () -- C:\WINDOWS\Tcd_a579b07e.ini
[2012/03/06 15:38:59 | 000,245,840 | ---- | C] () -- C:\WINDOWS\System32\DNLEng.dll
[2012/03/06 15:38:58 | 000,894,616 | ---- | C] () -- C:\WINDOWS\dbplugin.exe
[2012/02/16 22:20:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/12 14:27:39 | 000,025,601 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2012/01/31 16:18:34 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDER310E.ini
[2012/01/30 12:17:44 | 000,000,073 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\default.pls
[2012/01/30 12:16:22 | 000,000,229 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/12/08 05:32:24 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\Lagarith.dll

========== ZeroAccess Check ==========

[2008/11/26 01:24:12 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 22:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 22:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 22:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/04/29 13:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\A-PDF
[2013/07/11 17:02:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ashampoo
[2012/09/05 16:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Clarus
[2012/09/10 17:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DVD-Cloner
[2013/04/29 13:50:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\flipBook
[2013/05/10 17:05:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fpp
[2013/01/17 22:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freemake
[2012/05/07 22:30:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GlobalSCAPE
[2012/05/11 19:50:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2012/09/19 13:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2012/09/09 19:50:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leawo
[2012/04/11 00:16:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\onOne Software
[2012/11/18 16:29:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC User TVrip 2
[2013/06/28 17:10:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC User Video Toolkit 3
[2008/11/26 01:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC-Doctor
[2012/01/30 15:28:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2012/09/19 00:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium
[2013/05/13 17:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SMR322
[2013/07/25 17:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2012/09/19 00:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2013/07/25 17:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/01/31 16:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2012/02/17 16:23:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vso
[2012/12/20 23:30:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{87386CEB-BC00-465C-96D6-71F13BE96DD1}

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:56E2E879

< End of report >

I did attach a file in my first post

Regards
  • 0

#4
Essexboy
Posted 25 July 2013 - 10:55 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
On completion of this can you let me know if the ads are still present

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:Commands
[CREATERESTOREPOINT]

:OTL
C:\Documents and Settings\All Users\Application Data\Premium
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxap...q={searchTerms}
IE - HKCU\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://home.speedbit...q={searchTerms}
IE - HKCU\..\SearchScopes\{83977A08-51C9-49F4-8BAB-A4601F554B20}: "URL" = http://websearch.ask...29-37918749E8B3
IE - HKCU\..\SearchScopes\{8CD46B6B-E682-4D2A-A224-B4906D09F808}: "URL" = http://au.search.yah...p={searchTerms}
IE - HKCU\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxap...q={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6PQK1zMCxu&i=26
FF - prefs.js..browser.search.defaultenginename: "SpeedBit Search"
FF - prefs.js..browser.search.defaulturl: "http://home.speedbit.com/search.aspx?aff=115&q="
FF - prefs.js..browser.search.order.1: "SpeedBit Search"
FF - prefs.js..browser.search.selectedEngine: "SpeedBit Search"
FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0
FF - prefs.js..keyword.URL: "http://home.speedbit.com/search.aspx?aff=115&q="
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\HP_Administrator\Application Data\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O8 - Extra context menu item: &Download with AktivDownloadManager! - C:\Program Files\Aktiv Download Manager\aktivdownloadmanager.htm File not found
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O20 - AppInit_DLLs: (c:\progra~1\sprote~1\sprote~1.dll) - File not found
[2013/07/25 17:42:58 | 000,000,000 | ---D | C] -- C:\Program Files\Complitly
[2013/07/25 17:42:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Complitly
[2013/06/27 17:02:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2013/07/26 00:39:01 | 000,000,586 | -H-- | M] () -- C:\WINDOWS\tasks\OptimizerPro1UpdaterTask{5337352D-E3BF-40D1-A99F-AA12C7DFA28A}.job
[2012/09/19 00:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium
[2013/05/13 17:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SMR322
[2013/07/25 17:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2012/09/19 00:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN


Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that
  • 0

#5
Rickles
Posted 26 July 2013 - 08:27 AM

Rickles

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 629 posts
Hi,
As instructed:

OTL logfile created on: 26/07/2013 8:08:45 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\HP_Administrator\My Documents\Downloads\OTL
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

1015.23 Mb Total Physical Memory | 471.82 Mb Available Physical Memory | 46.47% Memory free
2.38 Gb Paging File | 1.96 Gb Available in Paging File | 82.35% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139.25 Gb Total Space | 120.31 Gb Free Space | 86.40% Space Free | Partition Type: NTFS
Drive D: | 9.78 Gb Total Space | 6.31 Gb Free Space | 64.55% Space Free | Partition Type: NTFS
Drive J: | 7.53 Gb Total Space | 3.48 Gb Free Space | 46.26% Space Free | Partition Type: FAT32

Computer Name: HAL | User Name: HP_Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/25 18:57:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads\OTL\OTL.exe
PRC - [2013/06/22 19:06:26 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/05/21 14:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe
PRC - [2013/05/21 14:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\ccsvchst.exe
PRC - [2012/10/11 04:29:14 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Management\Engine\3.2.0.19\ccSvcHst.exe
PRC - [2008/04/14 22:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/09/11 13:00:00 | 000,099,840 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_S4I3F2.EXE


========== Modules (No Company Name) ==========

MOD - [2012/05/31 00:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll
MOD - [2012/05/31 00:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\wincfi39.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/07/11 18:51:11 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/22 19:06:26 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/06/13 00:05:15 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/21 14:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe -- (NIS)
SRV - [2013/05/21 14:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe -- (NCO)
SRV - [2012/10/11 04:29:14 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Management\Engine\3.2.0.19\ccSvcHst.exe -- (MCLIENT)
SRV - [2012/09/20 16:42:59 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/09/20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2008/04/14 22:00:00 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2008/04/14 22:00:00 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)
SRV - [2006/03/23 17:06:38 | 000,880,128 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrvR)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\zghsnmea.sys -- (zghsnmea)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\zghsmdm.sys -- (zghsmdm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\zghsdiag.sys -- (zghsdiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/07/25 10:33:42 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130725.023\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/07/25 10:33:42 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130725.023\NAVENG.SYS -- (NAVENG)
DRV - [2013/06/29 10:01:09 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/06/18 17:29:17 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/06/01 02:58:19 | 001,002,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20130715.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/05/23 15:25:28 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\symefa.sys -- (SymEFA)
DRV - [2013/05/21 15:02:00 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\symds.sys -- (SymDS)
DRV - [2013/05/16 15:02:14 | 000,603,224 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\srtsp.sys -- (SRTSP)
DRV - [2013/04/25 10:43:56 | 000,396,760 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\symtdi.sys -- (SYMTDI)
DRV - [2013/04/16 12:41:14 | 000,134,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NST\7DD04000.00A\ccsetx86.sys -- (ccSet_NST)
DRV - [2013/04/16 12:41:14 | 000,134,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\ccsetx86.sys -- (ccSet_NIS)
DRV - [2013/03/05 11:39:19 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\ironx86.sys -- (SymIRON)
DRV - [2013/03/05 11:21:35 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1404000.028\srtspx.sys -- (SRTSPX)
DRV - [2013/01/20 23:35:10 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20130725.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2012/10/04 03:19:14 | 000,134,304 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\MCLIENT\0302000.013\ccSetx86.sys -- (ccSet_MCLIENT)
DRV - [2012/01/05 09:01:54 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2011/07/13 13:39:10 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NBVol.sys -- (NBVol)
DRV - [2011/07/13 13:39:10 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NBVolUp.sys -- (NBVolUp)
DRV - [2010/02/11 22:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008/10/27 07:48:00 | 004,881,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/09/10 14:10:00 | 000,207,872 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWBS3.sys -- (HSFHWBS3)
DRV - [2008/09/10 14:09:54 | 000,731,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2008/09/10 14:09:52 | 000,985,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2008/08/07 21:14:56 | 000,111,360 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006/03/23 17:15:58 | 000,102,016 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2006/03/23 17:15:56 | 000,033,536 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2006/03/23 17:15:56 | 000,029,440 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2006/03/23 17:00:28 | 000,008,704 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [1997/03/12 22:57:58 | 000,025,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\DRIVERX.SYS -- (DriverX)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://www.tsninternet.com.au/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?...=OIE8HP&PC=B8DF
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.tsn.cc/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7E 17 76 6C 00 13 CD 01 [binary data]
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.se...ct=sb&qsrc=2869
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "http://home.tsn.cc/"
FF - prefs.js..extensions.enabledAddons:
FF - prefs.js..extensions.enabledAddons: %7B33e0daa6-3af3-d8b5-6752-10e949c61516%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:11.4.0.6%20-%201
FF - prefs.js..extensions.enabledAddons: %7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:2013.4.1.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0


FF - HKLM\Software\MozillaPlugins\@ei.WeatherBlink.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\Documents and Settings\All Users\Application Data\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.2.0.18\coFFPlgn\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\coFFPlgn\ [2013/07/26 20:02:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\IPSFFPlgn\ [2013/01/22 18:31:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/24 17:34:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\SingAlong\FF\

[2013/04/22 18:39:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions
[2013/07/25 17:43:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\mgafxp61.default\extensions
[2013/07/25 17:43:08 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\mgafxp61.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
[2013/06/27 17:03:37 | 000,002,534 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\mgafxp61.default\searchplugins\speedbit.xml
[2013/04/22 18:38:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/07/11 18:51:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/07/11 18:51:14 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/07/26 20:02:47 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\COFFPLGN
[2013/01/22 18:31:10 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\IPSFFPLGN
[2012/02/03 00:22:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

O1 HOSTS File: ([2013/07/26 20:00:59 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DownloadHelper Class) - {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} - C:\Program Files\Common Files\Download Helper\DownloadHelper.dll (IE Download Helper)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EPSON Stylus Photo R310 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3F2.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\HP_Administrator\Application Data\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files\ieSpell\Merriam Webster.HTM ()
O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files\ieSpell\wikipedia.HTM ()
O8 - Extra context menu item: Save video on Savevid.com - C:\Program Files\SavevidPlug-in\redirect.htm ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - Reg Error: Value error. File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support....veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\TPSvc: DllName - (TPSvc.dll) - File not found
O24 - Desktop WallPaper: C:\WINDOWS\ACD Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\ACD Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/11/26 01:04:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/26 20:08:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Geeks
[2013/07/26 20:00:30 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/07/26 17:35:44 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/07/25 18:06:08 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Administrator\Recent
[2013/07/15 14:33:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013/07/13 20:26:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/07/11 17:02:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Ashampoo
[2013/07/11 17:00:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ashampoo
[2013/07/06 17:27:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2013/07/06 15:35:49 | 000,000,000 | ---D | C] -- C:\staging
[2013/06/30 17:55:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\EQATEC Analytics
[2013/06/28 17:10:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC User Video Toolkit 3
[2013/06/27 20:05:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Tibo Software
[2013/06/27 17:02:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeedBit
[2013/06/27 17:01:16 | 000,172,032 | ---- | C] (Jin Hui E-mail: [email protected] Web: http://www.jcomsoft.com) -- C:\WINDOWS\System32\AniGIF.ocx

========== Files - Modified Within 30 Days ==========

[2013/07/26 20:04:16 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/07/26 20:04:00 | 000,000,800 | ---- | M] () -- C:\WINDOWS\tasks\SBWUpdateTask_Time_bc5fdc3a-06741D042CBF.job
[2013/07/26 20:02:45 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/26 20:02:45 | 000,000,800 | ---- | M] () -- C:\WINDOWS\tasks\SBWUpdateTask_Logon_bc5fdc3a-06741D042CBF.job
[2013/07/26 20:02:45 | 000,000,390 | ---- | M] () -- C:\WINDOWS\tasks\Sing Along Update.job
[2013/07/26 20:02:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/07/26 20:00:59 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2013/07/26 19:50:00 | 000,000,906 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/25 15:15:38 | 001,733,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/07/24 18:54:00 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\AdvancedDriverUpdater_UPDATES.job
[2013/07/22 01:40:23 | 000,025,157 | ---- | M] () -- C:\out.ini
[2013/07/18 22:21:39 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/07/13 20:40:28 | 000,496,962 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/07/13 20:40:28 | 000,085,446 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/07/11 20:20:34 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\dvdtest10024.dat
[2013/06/30 17:49:12 | 000,000,582 | ---- | M] () -- C:\WINDOWS\tasks\SBWUpdateTask_Time_bc5fdc3a-00237D4B8A41.job
[2013/06/30 17:49:11 | 000,000,582 | ---- | M] () -- C:\WINDOWS\tasks\SBWUpdateTask_Logon_bc5fdc3a-00237D4B8A41.job
[2013/06/27 19:54:58 | 001,572,114 | ---- | M] () -- C:\WINDOWS\ACD Wallpaper.bmp
[2013/06/27 17:01:16 | 000,172,032 | ---- | M] (Jin Hui E-mail: [email protected] Web: http://www.jcomsoft.com) -- C:\WINDOWS\System32\AniGIF.ocx
[2013/06/27 17:01:16 | 000,109,216 | ---- | M] () -- C:\WINDOWS\System32\EasyHook64.dll
[2013/06/27 17:01:16 | 000,084,480 | ---- | M] () -- C:\WINDOWS\System32\EasyHook32.dll

========== Files Created - No Company Name ==========

[2013/07/22 01:38:58 | 000,025,157 | ---- | C] () -- C:\out.ini
[2013/06/30 17:49:12 | 000,000,582 | ---- | C] () -- C:\WINDOWS\tasks\SBWUpdateTask_Time_bc5fdc3a-00237D4B8A41.job
[2013/06/30 17:49:10 | 000,000,582 | ---- | C] () -- C:\WINDOWS\tasks\SBWUpdateTask_Logon_bc5fdc3a-00237D4B8A41.job
[2013/06/27 17:03:38 | 000,000,800 | ---- | C] () -- C:\WINDOWS\tasks\SBWUpdateTask_Time_bc5fdc3a-06741D042CBF.job
[2013/06/27 17:03:37 | 000,000,800 | ---- | C] () -- C:\WINDOWS\tasks\SBWUpdateTask_Logon_bc5fdc3a-06741D042CBF.job
[2013/06/27 17:02:20 | 000,109,216 | ---- | C] () -- C:\WINDOWS\System32\EasyHook64.dll
[2013/06/27 17:02:20 | 000,084,480 | ---- | C] () -- C:\WINDOWS\System32\EasyHook32.dll
[2013/04/29 14:22:13 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/27 12:01:20 | 001,733,936 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/10/20 12:22:23 | 000,000,397 | ---- | C] () -- C:\WINDOWS\Geo.INI
[2012/09/17 13:21:01 | 000,000,201 | ---- | C] () -- C:\WINDOWS\KUDOVW32.INI
[2012/09/13 19:29:10 | 000,157,696 | R--- | C] () -- C:\WINDOWS\ttiuninstall.exe
[2012/09/09 19:35:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\dvdtest10024.dat
[2012/08/20 01:11:10 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012/05/17 22:38:29 | 003,286,621 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3591927661-3112361560-582597249-1006-0.dat
[2012/05/17 22:38:27 | 000,437,722 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/04/21 16:46:46 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012/04/16 15:54:00 | 000,000,566 | ---- | C] () -- C:\WINDOWS\Tcd_a579b07e.ini
[2012/03/06 15:38:59 | 000,245,840 | ---- | C] () -- C:\WINDOWS\System32\DNLEng.dll
[2012/03/06 15:38:58 | 000,894,616 | ---- | C] () -- C:\WINDOWS\dbplugin.exe
[2012/02/16 22:20:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/12 14:27:39 | 000,025,601 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2012/01/31 16:18:34 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDER310E.ini
[2012/01/30 12:17:44 | 000,000,073 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\default.pls
[2012/01/30 12:16:22 | 000,000,229 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/12/08 05:32:24 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\Lagarith.dll

========== ZeroAccess Check ==========

[2008/11/26 01:24:12 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 22:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 22:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 22:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/04/29 13:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\A-PDF
[2013/07/11 17:02:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ashampoo
[2012/09/05 16:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Clarus
[2012/09/10 17:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DVD-Cloner
[2013/04/29 13:50:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\flipBook
[2013/05/10 17:05:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fpp
[2013/01/17 22:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freemake
[2012/05/07 22:30:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GlobalSCAPE
[2012/05/11 19:50:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2012/09/19 13:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2012/09/09 19:50:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leawo
[2012/04/11 00:16:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\onOne Software
[2012/11/18 16:29:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC User TVrip 2
[2013/06/28 17:10:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC User Video Toolkit 3
[2008/11/26 01:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC-Doctor
[2012/01/30 15:28:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2012/01/31 16:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2012/02/17 16:23:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vso
[2012/12/20 23:30:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{87386CEB-BC00-465C-96D6-71F13BE96DD1}

========== Purity Check ==========



< End of report >


And

# AdwCleaner v2.306 - Logfile created 07/26/2013 at 20:18:44
# Updated 19/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : HP_Administrator - HAL
# Boot Mode : Normal
# Running from : C:\Documents and Settings\HP_Administrator\My Documents\Downloads\OTL\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\mgafxp61.default\searchplugins\speedbit.xml
File Deleted : C:\WINDOWS\Tasks\Sing Along Update.job
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\mgafxp61.default\extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516}
Folder Deleted : C:\Documents and Settings\HP_Administrator\Application Data\Search Settings
Folder Deleted : C:\Program Files\Common Files\Speedbit

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\Complitly
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\IB Updater
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6492E171-2427-4932-B414-33574A089F5E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6492E171-2427-4932-B414-33574A089F5E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SProtector
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\BrowserMngr
Key Deleted : HKLM\SOFTWARE\Classes\1ClicktorrentFile
Key Deleted : HKLM\SOFTWARE\Classes\1ClicktorrentFile1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Classes\oneclick
Key Deleted : HKLM\SOFTWARE\Classes\oneclickmg
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Deleted : HKLM\Software\IB Updater
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\SimplyGen
Key Deleted : HKLM\Software\SpeedBit
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [[email protected]]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://home.speedbit.com/tab/?aff=115 --> hxxp://www.google.com

-\\ Mozilla Firefox v21.0 (en-US)

File : C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\mgafxp61.default\prefs.js

C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\mgafxp61.default\user.js ... Deleted !

Deleted : user_pref("browser.startup.homepage_override_url", "hxxp://home.speedbit.com/?aff=115");

*************************

AdwCleaner[R1].txt - [9295 octets] - [26/07/2013 20:17:52]
AdwCleaner[S1].txt - [9462 octets] - [26/07/2013 20:18:44]

########## EOF - C:\AdwCleaner[S1].txt - [9522 octets] ##########


I have run the Internet for a couple of hours now with none of the pop ups I was getting before.

Regards
  • 0

#6
Essexboy
Posted 26 July 2013 - 09:04 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That looks good, any further problems before I tidy up
  • 0

#7
Rickles
Posted 26 July 2013 - 09:45 AM

Rickles

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 629 posts
Hi Essexboy,

No problems now as all seems to be back on track.

I am glad that you guys are there to help!

Regards
  • 0

#8
Essexboy
Posted 26 July 2013 - 11:17 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run AdwCleaner and select uninstall

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [CLEARALLRESTOREPOINTS]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Remove ComboFix
  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall
    (Notice the space between the "x" and "/")
    then click OK

    Posted Image
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

If you use on-line banking then as an added layer of protection install Trusteer Rapport

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe :wave:
  • 0

#9
Rickles
Posted 27 July 2013 - 08:27 AM

Rickles

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 629 posts
Hi Essexboy,

All done as instructed.

Full program of Malawarebytes installed and running.

I could not find a download for the Trusteer Rapport.

I sent an email to Tech Life about the problem with the program.

If that is all, thank you for your help and time.

regards
  • 0

#10
Essexboy
Posted 27 July 2013 - 08:30 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP