OTL Fix Log
========== PROCESSES ==========
All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-3753000303-1846566046-2363456648-1007\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}\ not found.
Registry key HKEY_USERS\S-1-5-21-3753000303-1846566046-2363456648-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8020143D-5926-4394-A04D-DD0B649DA121}\ not found.
Registry key HKEY_USERS\S-1-5-21-3753000303-1846566046-2363456648-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found.
Registry key HKEY_USERS\S-1-5-21-3753000303-1846566046-2363456648-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}\ not found.
Registry key HKEY_USERS\S-1-5-21-3753000303-1846566046-2363456648-1007\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\S-1-5-21-3753000303-1846566046-2363456648-1007\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\S-1-5-21-3753000303-1846566046-2363456648-1007\Software\Microsoft\Windows\CurrentVersion\RunServices not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\BackupNoCDBurning deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLinkedConnections deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\CDRAutoRun deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\CDRAutoRun not found.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun not found.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry key HKEY_USERS\S-1-5-21-3753000303-1846566046-2363456648-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26906309-9d98-11da-ac74-0030bdf74598}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26906309-9d98-11da-ac74-0030bdf74598}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26906309-9d98-11da-ac74-0030bdf74598}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26906309-9d98-11da-ac74-0030bdf74598}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26906309-9d98-11da-ac74-0030bdf74598}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26906309-9d98-11da-ac74-0030bdf74598}\ not found.
File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explorer.exe not found.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\skins\radio\gray03 folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\skins\radio folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\skins folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\override folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\util folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\weatherplugin\proppage folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\weatherplugin folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\searchcomponent folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\rssreader\proppage\images folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\rssreader\proppage folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\rssreader folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\radioplugin\proppage\widgets folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\radioplugin\proppage\images folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\radioplugin\proppage folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\radioplugin\js folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\radioplugin\images folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\radioplugin\css folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\radioplugin folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\msgboxplugin folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\emailchecker\proppage\widgets folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\emailchecker\proppage folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\emailchecker folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\common\proppage folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\common folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\bookmarksplugin\proppage\images folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\bookmarksplugin\proppage folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res\bookmarksplugin folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components\res folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\js_components folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\images\weather\png folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\images\weather folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\images\ticker folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\images\msgbox folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar\images folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465\Toolbar folder moved successfully.
C:\Documents and Settings\Gary\Application Data\FCTB000061465 folder moved successfully.
C:\Documents and Settings\Rachael\Application Data\FCTB000061465\Toolbar\skins\radio\gray03 folder moved successfully.
C:\Documents and Settings\Rachael\Application Data\FCTB000061465\Toolbar\skins\radio folder moved successfully.
C:\Documents and Settings\Rachael\Application Data\FCTB000061465\Toolbar\skins folder moved successfully.
C:\Documents and Settings\Rachael\Application Data\FCTB000061465\Toolbar\override folder moved successfully.
C:\Documents and Settings\Rachael\Application Data\FCTB000061465\Toolbar\images\weather\png folder moved successfully.
C:\Documents and Settings\Rachael\Application Data\FCTB000061465\Toolbar\images\weather folder moved successfully.
C:\Documents and Settings\Rachael\Application Data\FCTB000061465\Toolbar\images\ticker folder moved successfully.
C:\Documents and Settings\Rachael\Application Data\FCTB000061465\Toolbar\images\msgbox folder moved successfully.
C:\Documents and Settings\Rachael\Application Data\FCTB000061465\Toolbar\images folder moved successfully.
C:\Documents and Settings\Rachael\Application Data\FCTB000061465\Toolbar folder moved successfully.
C:\Documents and Settings\Rachael\Application Data\FCTB000061465 folder moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========
[EMPTYFLASH]
User:
Administrator
->Flash cache emptied: 492 bytes
User: All Users
User: bluetooth
User: Default User
->Flash cache emptied: 0 bytes
User: Gary
->Flash cache emptied: 0 bytes
User: LocalService
->Flash cache emptied: 0 bytes
User: LogMeInRemoteUser
User: Lucy
->Flash cache emptied: 0 bytes
User: NetworkService
User: Owner
User: Rachael
->Flash cache emptied: 492 bytes
User: Sally
->Flash cache emptied: 506 bytes
Total Flash Files Cleaned = 0.00 mb
[EMPTYJAVA]
User:
Administrator
User: All Users
User: bluetooth
User: Default User
User: Gary
->Java cache emptied: 0 bytes
User: LocalService
User: LogMeInRemoteUser
User: Lucy
->Java cache emptied: 0 bytes
User: NetworkService
User: Owner
User: Rachael
->Java cache emptied: 0 bytes
User: Sally
->Java cache emptied: 0 bytes
Total Java Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 03312014_200957
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
OTL Quick Scan
OTL logfile created on: 31/03/2014 22:29:29 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Sally\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 1.03 Gb Available Physical Memory | 51.59% Memory free
3.83 Gb Paging File | 3.06 Gb Available in Paging File | 79.75% Paging File free
Paging file location(s): H:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 231.53 Gb Total Space | 83.33 Gb Free Space | 35.99% Space Free | Partition Type: NTFS
Drive F: | 46.93 Mb Total Space | 39.75 Mb Free Space | 84.71% Space Free | Partition Type: FAT
Drive G: | 3.00 Gb Total Space | 0.61 Gb Free Space | 20.28% Space Free | Partition Type: FAT32
Drive H: | 231.18 Gb Total Space | 97.88 Gb Free Space | 42.34% Space Free | Partition Type: NTFS
Computer Name: D591F02J | User Name: Sally | Logged in as
Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========PRC - [2014/03/31 20:08:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sally\Desktop\OTL.exe
PRC - [2014/03/15 01:50:42 | 000,859,976 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2013/08/14 16:19:24 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2010/08/24 10:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010/01/08 15:19:40 | 000,966,656 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\REALTEK\RTL8185 Wireless LAN Utility\RtWLan.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========MOD - [2014/03/15 01:50:40 | 013,637,448 | ---- | M] () -- C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
MOD - [2014/03/15 01:50:40 | 000,394,568 | ---- | M] () -- C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.154\ppgooglenaclpluginchrome.dll
MOD - [2014/03/15 01:50:38 | 004,061,000 | ---- | M] () -- C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.154\pdf.dll
MOD - [2014/03/15 01:50:32 | 001,647,432 | ---- | M] () -- C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
MOD - [2014/03/15 01:50:30 | 000,051,016 | ---- | M] () -- C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
MOD - [2013/08/14 16:19:24 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2009/12/09 22:20:06 | 000,126,976 | ---- | M] () -- C:\Program Files\REALTEK\RTL8185 Wireless LAN Utility\EnumDevLib.dll
MOD - [2008/04/14 01:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 01:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/07/12 12:11:54 | 001,163,264 | ---- | M] () -- C:\Program Files\REALTEK\RTL8185 Wireless LAN Utility\acAuth.dll
========== Services (SafeList) ==========SRV - File not found [Disabled | Stopped] -- -- (stllssvr)
SRV - File not found [Auto | Stopped] -- -- (RoxLiveShare9)
SRV - File not found [Disabled | Stopped] -- -- (Roxio Upnp Server 9)
SRV - File not found [Disabled | Stopped] -- -- (Roxio UPnP Renderer 9)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2014/03/11 20:52:28 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/01/28 07:54:10 | 000,118,896 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2010/10/07 13:39:52 | 000,234,784 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\AirPrint\airprint.exe -- (AirPrint)
SRV - [2010/08/24 10:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2008/11/14 22:08:27 | 000,655,624 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/07/03 17:44:40 | 000,061,440 | ---- | M] (British Telecommunications Plc.) [Disabled | Stopped] -- C:\Program Files\BT Common Client\btomosrv.exe -- (BT Common Client)
SRV - [2002/09/02 09:51:40 | 000,049,152 | ---- | M] (GEAR Software) [Disabled | Stopped] -- C:\WINDOWS\system32\gearsec.exe -- (GEARSecurity)
========== Driver Services (SafeList) ==========DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\sptd.sys -- (sptd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\scfint.sys -- (scfint)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\GenericMount.sys -- (GenericMount)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\321Studios\Shared\CDRPDACC.SYS -- (CDRPDACC)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\bcmwl5.sys -- (BCM43XX)
DRV - [2013/08/21 05:31:38 | 000,182,680 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013/08/21 05:31:38 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013/05/22 19:49:32 | 000,014,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2011/09/11 22:54:50 | 000,084,512 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vsflt58.sys -- (vidsflt58)
DRV - [2011/09/11 22:54:37 | 000,076,768 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\fltsrv.sys -- (fltsrv)
DRV - [2011/09/04 21:34:12 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2011/09/04 21:34:12 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010/04/28 08:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/03/25 17:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009/03/25 17:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018unic.sys -- (s1018unic)
DRV - [2009/03/25 17:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mgmt.sys -- (s1018mgmt)
DRV - [2009/03/25 17:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009/03/25 17:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018bus.sys -- (s1018bus)
DRV - [2009/03/25 17:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018nd5.sys -- (s1018nd5)
DRV - [2009/03/25 17:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008/04/13 19:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007/10/02 05:06:40 | 000,451,968 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2007/08/08 12:12:42 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007/04/20 11:14:06 | 000,024,560 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\btwsp50.sys -- (BTWSp50)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2007/02/16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2006/09/24 14:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006/09/18 12:54:48 | 000,016,640 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2006/08/18 12:10:24 | 000,061,504 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\K320bus.sys -- (K320bus)
DRV - [2006/08/18 12:10:22 | 000,097,056 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\K320mdm.sys -- (K320mdm)
DRV - [2006/08/18 12:10:22 | 000,009,328 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\K320mdfl.sys -- (K320mdfl)
DRV - [2006/08/18 12:10:20 | 000,088,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\K320mgmt.sys -- (K320mgmt)
DRV - [2006/08/18 12:10:18 | 000,086,368 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\K320obex.sys -- (K320obex)
DRV - [2006/07/24 03:00:00 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/07/24 03:00:00 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2006/03/04 13:00:00 | 000,241,664 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\c2scsi.sys -- (c2scsi)
DRV - [2005/11/16 16:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/05/31 15:40:20 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2005/05/31 09:42:28 | 000,023,000 | ---- | M] (IVT Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2005/04/30 14:50:20 | 000,011,860 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2005/04/30 14:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2005/04/30 14:48:58 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT)
DRV - [2005/04/07 17:18:34 | 000,003,840 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\BANTExt.sys -- (BANTExt)
DRV - [2005/03/25 17:18:48 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2004/12/16 16:32:54 | 000,013,304 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\BTNetFilter.sys -- (BTNetFilter)
DRV - [2004/10/19 13:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
DRV - [2004/08/04 06:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 06:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/08/03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2003/12/08 18:33:20 | 000,123,276 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PFC027.sys -- (SoC PC-Camera Service)
DRV - [2003/01/10 11:56:34 | 000,030,921 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SQCaptur.sys -- (DCamUSBSQTECH)
DRV - [2002/06/10 15:20:50 | 000,039,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvcd.sys -- (QCDonner)
DRV - [1996/04/03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.c...ferrer:source?}IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell.co.uk/mywayIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page =
http://www.dell.co.uk/mywayIE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell.co.uk/mywayIE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page =
http://www.dell.co.uk/mywayIE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3753000303-1846566046-2363456648-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.uk/IE - HKU\S-1-5-21-3753000303-1846566046-2363456648-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3753000303-1846566046-2363456648-1009\..\SearchScopes,DefaultScope = {9CFD219D-ED6B-4E32-A6AE-F9E7A6AB1D10}
IE - HKU\S-1-5-21-3753000303-1846566046-2363456648-1009\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ferrer:source?}IE - HKU\S-1-5-21-3753000303-1846566046-2363456648-1009\..\SearchScopes\{4EAD5559-381D-478B-8E93-79727B5389BD}: "URL" =
http://uk.search.yah...p={searchTerms}IE - HKU\S-1-5-21-3753000303-1846566046-2363456648-1009\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7IE - HKU\S-1-5-21-3753000303-1846566046-2363456648-1009\..\SearchScopes\{9CFD219D-ED6B-4E32-A6AE-F9E7A6AB1D10}: "URL" =
http://www.google.co...&rlz=1I7GGLR_enIE - HKU\S-1-5-21-3753000303-1846566046-2363456648-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3753000303-1846566046-2363456648-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========FF - prefs.js..browser.search.order.1: "Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.6.5
FF - prefs.js..extensions.enabledAddons: %7BDF153AFF-6948-45d7-AC98-4FC4AF8A08E2%7D:1.3.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0
FF - prefs.js..keyword.URL: "
http://uk.search.yah...h?fr=mcafee&p="FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/12/20 20:03:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/12/20 20:03:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/03/01 12:16:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/03/01 12:16:19 | 000,000,000 | ---D | M]
[2012/04/02 16:28:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sally\Application Data\Mozilla\Extensions
[2012/11/11 22:18:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sally\Application Data\Mozilla\Firefox\Profiles\e5edr1zn.default\extensions
[2012/10/31 23:27:37 | 000,000,000 | ---D | M] (Microsoft Choice Guard) -- C:\Documents and Settings\Sally\Application Data\Mozilla\Firefox\Profiles\e5edr1zn.default\extensions\ChoiceGuard@Microsoft
[2012/04/02 16:29:15 | 000,020,591 | ---- | M] () (No name found) -- C:\Documents and Settings\Sally\Application Data\Mozilla\Firefox\Profiles\e5edr1zn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2007/05/07 14:37:27 | 000,002,386 | ---- | M] () -- C:\Documents and Settings\Sally\Application Data\Mozilla\Firefox\Profiles\e5edr1zn.default\searchplugins\siteadvisor.xml
[2013/12/20 19:44:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/03/01 10:43:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/03/01 10:43:54 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/03/01 11:06:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions
[2014/03/01 11:06:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions
[2014/03/01 11:06:46 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/12/20 20:03:06 | 000,000,000 | ---D | M] (RealDownloader) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT
File not found (No name found) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2012/10/19 23:18:49 | 000,248,192 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2012/10/19 23:18:57 | 000,248,192 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2013/12/20 19:59:16 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2013/11/15 23:30:38 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
========== Chrome ==========CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: RealDownloader = C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_1\
CHR - Extension: Google Wallet = C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
O1 HOSTS File: ([2014/03/24 00:34:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKU\S-1-5-21-3753000303-1846566046-2363456648-1009\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-3753000303-1846566046-2363456648-1009\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-3753000303-1846566046-2363456648-1009\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O4 - HKU\S-1-5-21-3753000303-1846566046-2363456648-1009..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\REALTEK RTL8185 Wireless LAN Utility.lnk = C:\Program Files\REALTEK\RTL8185 Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3753000303-1846566046-2363456648-1009\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3753000303-1846566046-2363456648-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3753000303-1846566046-2363456648-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-3753000303-1846566046-2363456648-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED}
http://pccheckup.del...oad/tgctlcm.cab (Reg Error: Key error.)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B}
https://support.euro...iler/SysPro.CAB (Reg Error: Key error.)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
http://go.microsoft....k/?linkid=67633 (Office Genuine Advantage Validation Tool)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258}
http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://www.update.mi...b?1353363277828 (MUWebControl Class)
O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A4639D2F-774E-11D3-A490-00C04F6843FB}
http://download.micr...N-US/msorun.cab (IEAnimBehaviorFactory Class)
O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3A0C622-0B96-43C5-9438-17AAE5FC202B}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4E494F6-7B3D-4A61-811D-378E70742D31}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\AutorunsDisabled\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\AutorunsDisabled\mctp - No CLSID value found
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Filter\AutorunsDisabled - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AutorunsDisabled: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Sally\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sally\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005/07/05 12:06:50 | 000,000,398 | ---- | M] () - F:\AUTOEXEC.UP -- [ FAT ]
O32 - AutoRun File - [2005/07/05 12:06:50 | 000,000,398 | ---- | M] () - F:\AUTOEXEC.BAT -- [ FAT ]
O32 - AutoRun File - [2005/07/07 20:34:30 | 000,001,871 | ---- | M] () - G:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========[2014/03/31 22:16:38 | 000,000,000 | ---D | C] -- C:\FRST
[2014/03/27 20:35:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sally\Application Data\FixZeroAccess
[2014/03/24 22:39:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sally\Desktop\OTL.exe
[2014/03/24 22:35:11 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2014/03/24 00:38:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2014/03/23 23:42:00 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/03/23 19:23:54 | 000,000,000 | ---D | C] -- C:\Program Files\VirusTotalUploader2
[2014/03/23 19:23:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sally\Start Menu\Programs\VirusTotal Uploader 2.2
[2014/03/23 15:49:12 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/03/23 09:04:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sally\Desktop\Copy of OTL.exe
[2014/03/15 00:38:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2014/03/14 19:15:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sally\Application Data\wsInspector
[2014/03/14 19:13:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sally\My Documents\wsInspector
========== Files - Modified Within 30 Days ==========[2014/03/31 22:34:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{33F4E96D-A646-4D58-829B-31D1A666AAE9}.job
[2014/03/31 22:32:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{590D0C85-5D8A-458F-87E7-F9EFAE2F358A}.job
[2014/03/31 22:31:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{4D5D3230-4EAE-493D-918D-BECD68FA5DAC}.job
[2014/03/31 22:30:00 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F753D7C8-3562-4E8D-A57C-7C8027CB7A0C}.job
[2014/03/31 20:11:46 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/03/31 20:11:15 | 000,000,222 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/03/31 20:11:02 | 2137,149,440 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/31 20:08:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sally\Desktop\OTL.exe
[2014/03/31 19:31:52 | 000,507,406 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/03/31 19:31:52 | 000,090,216 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/03/26 22:08:56 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2014/03/26 22:08:56 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefragUpdate.job
[2014/03/26 22:08:55 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3753000303-1846566046-2363456648-1009.job
[2014/03/26 22:08:55 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Schedule.job
[2014/03/26 22:08:53 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3753000303-1846566046-2363456648-1008.job
[2014/03/26 22:08:52 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3753000303-1846566046-2363456648-1009.job
[2014/03/26 22:08:51 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3753000303-1846566046-2363456648-1008.job
[2014/03/26 22:08:50 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3753000303-1846566046-2363456648-1009UA.job
[2014/03/26 22:08:50 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3753000303-1846566046-2363456648-1009Core.job
[2014/03/26 22:08:46 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3753000303-1846566046-2363456648-1008UA.job
[2014/03/26 22:08:45 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3753000303-1846566046-2363456648-1008Core.job
[2014/03/26 22:08:45 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/26 22:08:42 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/26 22:08:41 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/03/26 22:08:41 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2014/03/24 23:39:28 | 003,825,540 | ---- | M] () -- C:\Documents and Settings\Sally\Desktop\reg009-OTL does not like.reg
[2014/03/24 00:34:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2014/03/23 19:23:54 | 000,001,754 | ---- | M] () -- C:\Documents and Settings\Sally\Desktop\VirusTotal Uploader 2.2.lnk
[2014/03/23 17:26:02 | 000,118,562 | ---- | M] () -- C:\Documents and Settings\Sally\Desktop\OTL hangs.JPG
[2014/03/23 16:04:29 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/03/23 15:44:56 | 000,359,344 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/03/23 08:56:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sally\Desktop\Copy of OTL.exe
[2014/03/16 12:51:31 | 000,000,216 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/03/16 12:45:57 | 000,002,318 | ---- | M] () -- C:\Documents and Settings\Sally\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/03/16 12:45:57 | 000,002,300 | ---- | M] () -- C:\Documents and Settings\Sally\Desktop\Google Chrome.lnk
[2014/03/14 22:38:10 | 000,000,015 | ---- | M] () -- C:\Documents and Settings\Sally\Desktop\settings.dat
[2014/03/14 19:19:48 | 000,001,926 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\REALTEK RTL8185 Wireless LAN Utility.lnk
[2014/03/14 19:13:06 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\Sally\Desktop\Startup Inspector for Windows.lnk
========== Files Created - No Company Name ==========[2014/03/26 15:22:43 | 2137,149,440 | -HS- | C] () -- C:\hiberfil.sys
[2014/03/24 23:39:27 | 003,825,540 | ---- | C] () -- C:\Documents and Settings\Sally\Desktop\reg009-OTL does not like.reg
[2014/03/23 19:23:54 | 000,001,754 | ---- | C] () -- C:\Documents and Settings\Sally\Desktop\VirusTotal Uploader 2.2.lnk
[2014/03/23 17:26:02 | 000,118,562 | ---- | C] () -- C:\Documents and Settings\Sally\Desktop\OTL hangs.JPG
[2014/03/16 12:36:14 | 000,000,222 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/03/16 12:36:13 | 000,000,216 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/03/14 22:35:50 | 000,000,015 | ---- | C] () -- C:\Documents and Settings\Sally\Desktop\settings.dat
[2014/03/14 19:13:06 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\Sally\Desktop\Startup Inspector for Windows.lnk
[2014/01/03 23:19:34 | 000,332,274 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013/11/16 00:50:00 | 000,014,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2013/10/30 13:07:00 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2013/10/30 13:06:54 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2013/10/30 13:06:54 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2013/10/30 13:06:54 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2013/10/30 13:06:54 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2010/06/02 20:45:46 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Sally\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/03/11 11:52:07 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/01/20 20:14:14 | 000,000,108 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
========== ZeroAccess Check ==========[2004/08/10 14:09:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 01:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 01:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========[2014/03/01 11:53:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2008/12/28 00:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1Click DVD Copy
[2008/12/28 02:20:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1Click DVD Copy Pro
[2011/10/23 18:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2014/03/26 15:45:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2007/05/12 16:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluetooth
[2010/04/02 20:58:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BT Access Manager
[2010/04/02 20:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BT Common Client
[2013/04/07 18:15:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2006/05/20 20:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cloanto
[2008/10/24 18:58:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Elaborate Bytes
[2014/01/16 00:09:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2009/10/24 21:15:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rosetta Stone DEMO
[2014/01/03 23:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2010/04/02 21:00:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sierra Wireless
[2014/03/01 21:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2007/11/29 18:51:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/12/05 21:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Teleca
[2013/06/27 20:26:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2007/03/04 20:12:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2014/03/31 19:30:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/12/28 02:01:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2014/01/25 14:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2006/06/04 14:57:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAMAHA
[2013/01/18 16:40:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{1C6FDDD8-FC9E-4C12-9FA5-1AAD377097B3}
[2008/09/14 10:09:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010/04/02 21:11:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2006/06/09 23:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\1ClickDVDCopy
[2007/03/09 12:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Audacity
[2006/04/02 22:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\BAMZOOKi
[2006/06/09 23:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\CopyToDvd
[2006/01/18 20:19:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Leadertech
[2008/12/27 10:56:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\MSNInstaller
[2007/03/09 12:32:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\NCH Swift Sound
[2009/12/05 21:46:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Teleca
[2006/01/19 18:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Template
[2010/11/28 10:27:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\TomTom
[2007/03/15 20:01:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\tunebite
[2007/03/11 11:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Ulead Systems
[2009/11/18 22:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Vso
[2012/09/02 13:30:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\wsInspector
[2008/12/18 20:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2006/03/01 19:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucy\Application Data\Bamzooki
[2010/04/02 21:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucy\Application Data\BT Access Manager
[2010/10/21 20:44:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucy\Application Data\DVDVideoSoftIEHelpers
[2007/08/17 16:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucy\Application Data\IMVU
[2012/03/18 23:00:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucy\Application Data\IObit
[2009/12/05 21:31:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucy\Application Data\Teleca
[2008/12/26 23:31:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucy\Application Data\Vso
[2006/01/21 14:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucy\Application Data\WebRenderer
[2006/08/02 17:28:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucy\Application Data\YAMAHA
[2008/08/21 01:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\SACore
[2007/08/19 16:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rachael\Application Data\IMVU
[2012/05/01 19:17:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rachael\Application Data\IObit
[2007/07/05 16:24:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rachael\Application Data\Template
[2007/08/26 11:05:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rachael\Application Data\Ulead Systems
[2008/09/14 14:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rachael\Application Data\WebRenderer
[2007/12/26 23:34:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rachael\Application Data\wsInspector
[2006/06/04 14:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rachael\Application Data\YAMAHA
[2011/09/11 14:24:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sally\Application Data\Acronis
[2013/07/30 19:53:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sally\Application Data\coupons
[2014/01/15 23:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sally\Application Data\ElevatedDiagnostics
[2014/03/27 20:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sally\Application Data\FixZeroAccess
[2014/03/14 18:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sally\Application Data\IObit
[2008/07/14 23:25:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sally\Application Data\Kio
[2013/03/11 21:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sally\Application Data\Leadertech
[2014/02/02 23:25:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sally\Application Data\Mael
[2013/08/15 13:09:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sally\Application Data\NCH Swift Sound
[2011/10/23 17:35:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sally\Application Data\Opera
[2014/03/01 10:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sally\Application Data\Opera Software
[2012/05/31 19:06:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sally\Application Data\Oracle
[2014/01/03 23:13:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sally\Application Data\Samsung
[2009/12/07 15:14:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sally\Application Data\Teleca
[2007/12/21 19:08:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sally\Application Data\Viewpoint
[2012/11/01 21:15:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sally\Application Data\Windows Live Writer
[2014/03/14 19:19:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sally\Application Data\wsInspector
========== Purity Check ==================== Alternate Data Streams ==========@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Sally\Desktop\Copy of OTL.exe:SummaryInformation
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Sally\My Documents\My Received Files:Roxio EMC Stream
< End of report >
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by Sally (
administrator) on D591F02J on 31-03-2014 22:16:55
Running from C:\Documents and Settings\Sally\My Documents\2014 Gary\farbar
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version:
http://www.bleepingc...can-tool/dl/81/Download link for 64-Bit Version:
http://www.bleepingc...can-tool/dl/82/Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:
http://www.geekstogo...very-scan-tool/==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\WINDOWS\system32\MsPMSPSv.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Realtek Semiconductor Corp.) C:\Program Files\REALTEK\RTL8185 Wireless LAN Utility\RtWLan.exe
(Google Inc.) C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\IEXPLORE.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\IEXPLORE.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\IEXPLORE.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [igfxpers] - C:\WINDOWS\system32\igfxpers.exe [118784 2006-03-23] (Intel Corporation)
HKLM\...\Run: [igfxhkcmd] - C:\WINDOWS\system32\hkcmd.exe [77824 2006-03-23] (Intel Corporation)
HKU\S-1-5-21-3753000303-1846566046-2363456648-1009\...\Run: [H/PC Connection Agent] - "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\REALTEK RTL8185 Wireless LAN Utility.lnk
ShortcutTarget: REALTEK RTL8185 Wireless LAN Utility.lnk -> C:\Program Files\REALTEK\RTL8185 Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.uk/HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft...=ie&ar=iesearchHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
http://www.bing.com/...ferrer:source?}SearchScopes: HKCU - {4EAD5559-381D-478B-8E93-79727B5389BD} URL =
http://uk.search.yah...p={searchTerms}BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: {01113300-3E00-11D2-8470-0060089874ED}
http://pccheckup.del...oad/tgctlcm.cabDPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B}
https://support.euro...iler/SysPro.CABDPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
http://go.microsoft....k/?linkid=67633DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://fpdownload.ma...director/sw.cabDPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.micr...heckControl.cabDPF: {233C1507-6A77-46A4-9443-F871F945D258}
http://fpdownload.ma...director/sw.cabDPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC}
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...t/ultrashim.cabDPF: {A4639D2F-774E-11D3-A490-00C04F6843FB}
http://download.micr...N-US/msorun.cabDPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cabHandler: AutorunsDisabled\belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler: AutorunsDisabled\mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} - No File
Handler: AutorunsDisabled\ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: AutorunsDisabled\mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
Handler: AutorunsDisabled\mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
Handler: AutorunsDisabled\wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
Filter: AutorunsDisabled - No CLSID Value - No File
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Sally\Application Data\Mozilla\Firefox\Profiles\e5edr1zn.default
FF SearchEngineOrder.1: Secure Search
FF Keyword.URL: hxxp://uk.search.yahoo.com/search?fr=mcafee&p=
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npunagi2.dll (America Online, Inc.)
FF SearchPlugin: C:\Documents and Settings\Sally\Application Data\Mozilla\Firefox\Profiles\e5edr1zn.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Documents and Settings\Sally\Application Data\Mozilla\Firefox\Profiles\e5edr1zn.default\searchplugins\siteadvisor.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: Microsoft Choice Guard - C:\Documents and Settings\Sally\Application Data\Mozilla\Firefox\Profiles\e5edr1zn.default\Extensions\ChoiceGuard@Microsoft [2012-10-31]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Sally\Application Data\Mozilla\Firefox\Profiles\e5edr1zn.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-04-02]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-12-20]
Chrome:
=======
CHR DefaultSearchKeyword: google.co.uk
CHR Extension: (RealDownloader) - C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-12-21]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Lucy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
S4 AirPrint; C:\Program Files\AirPrint\airprint.exe [234784 2010-10-07] (Apple Inc.)
S4 BT Common Client; C:\Program Files\BT Common Client\btomosrv.exe [61440 2007-07-03] (British Telecommunications Plc.)
S4 GEARSecurity; C:\WINDOWS\System32\GEARSEC.EXE [49152 2002-09-02] (GEAR Software)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [53248 2001-05-01] (Microsoft Corporation)
S4 Roxio UPnP Renderer 9; No ImagePath
S4 Roxio Upnp Server 9; No ImagePath
S2 RoxLiveShare9; No ImagePath
S4 stllssvr; No ImagePath
==================== Drivers (Whitelisted) ====================
S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
S4 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21361 2011-06-28] (Cisco Systems, Inc.)
S4 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2005-04-07] ()
S4 BlueletAudio; C:\WINDOWS\System32\DRIVERS\blueletaudio.sys [20480 2005-05-31] (IVT Corporation)
S4 BT; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [10804 2005-04-30] (IVT Corporation)
S4 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [23000 2005-05-31] (IVT Corporation)
S4 BTHidEnum; C:\WINDOWS\System32\DRIVERS\vbtenum.sys [11860 2005-04-30] ()
S4 BTHidMgr; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [28271 2005-04-30] (IVT Corporation)
S4 BTNetFilter; C:\WINDOWS\system32\drivers\BTNetFilter.sys [13304 2004-12-16] ()
S4 BTWSp50; C:\WINDOWS\System32\Drivers\BTWSp50.sys [24560 2007-04-20] (Printing Communications Assoc., Inc. (PCAUSA))
R1 c2scsi; C:\WINDOWS\system32\Drivers\c2scsi.sys [241664 2006-03-04] (Sonic Solutions)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 Cdr4_xp; C:\WINDOWS\system32\Drivers\Cdr4_xp.sys [2432 2006-07-24] (Sonic Solutions)
R1 Cdralw2k; C:\WINDOWS\system32\Drivers\Cdralw2k.sys [2560 2006-07-24] (Sonic Solutions)
S3 DCamUSBSQTECH; C:\WINDOWS\System32\Drivers\SQcaptur.sys [30921 2003-01-10] (Service & Quality Technology.)
R3 dvd43llh; C:\WINDOWS\System32\DRIVERS\dvd43llh.sys [18816 2008-12-27] (RIF)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)
R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [54760 2010-04-28] (Microsoft Corporation)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] ()
S3 K320bus; C:\WINDOWS\System32\DRIVERS\K320bus.sys [61504 2006-08-18] (MCCI)
S3 K320mdfl; C:\WINDOWS\System32\DRIVERS\K320mdfl.sys [9328 2006-08-18] (MCCI)
S3 K320mdm; C:\WINDOWS\System32\DRIVERS\K320mdm.sys [97056 2006-08-18] (MCCI)
S3 K320mgmt; C:\WINDOWS\System32\DRIVERS\K320mgmt.sys [88560 2006-08-18] (MCCI)
S3 K320obex; C:\WINDOWS\System32\DRIVERS\K320obex.sys [86368 2006-08-18] (MCCI)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 NwlnkIpx; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Corporation)
R2 NwlnkNb; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [63232 2004-08-04] (Microsoft Corporation)
R2 NwlnkSpx; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [55936 2004-08-04] (Microsoft Corporation)
S3 QCDonner; C:\WINDOWS\System32\DRIVERS\LVCD.sys [39936 2002-06-10] (Logitech Inc.)
R3 RT73; C:\WINDOWS\System32\DRIVERS\rt73.sys [451968 2007-10-02] (Ralink Technology, Corp.)
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
R3 rtl8185; C:\WINDOWS\System32\DRIVERS\rtl8185.sys [823936 2012-12-02] (Realtek Semiconductor Corporation )
S3 s1018obex; C:\WINDOWS\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [14776 2013-05-22] ()
S3 SoC PC-Camera Service; C:\WINDOWS\System32\DRIVERS\pfc027.sys [123276 2003-12-08] ()
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [5248 2006-09-24] (Windows ® 2000 DDK provider)
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1047816 2005-11-16] (SigmaTel, Inc.)
S3 tbhsd; C:\WINDOWS\System32\drivers\tbhsd.sys [16640 2006-09-18] (RapidSolution Software AG)
R3 VComm; C:\WINDOWS\System32\DRIVERS\VComm.sys [61312 2004-10-19] (IVT Corporation)
R3 VcommMgr; C:\WINDOWS\System32\Drivers\VcommMgr.sys [82148 2005-03-25] (IVT Corporation)
R0 vidsflt58; C:\WINDOWS\System32\DRIVERS\vsflt58.sys [84512 2011-09-11] (Acronis)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [31744 2005-06-14] (Microsoft Corporation)
S4 adfs; No ImagePath
S4 BCM43XX; system32\DRIVERS\bcmwl5.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 CDRPDACC; \??\C:\Program Files\321Studios\Shared\CDRPDACC.SYS [X]
S3 GenericMount; system32\DRIVERS\GenericMount.sys [X]
S3 scfint; system32\DRIVERS\scfint.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S0 sptd; System32\Drivers\sptd.sys [X]
U3 TlntSvr;
U2 V2iMount;
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-31 22:16 - 2014-03-31 22:16 - 00000000 ____D () C:\FRST
2014-03-31 20:16 - 2014-03-31 20:16 - 00022794 _____ () C:\Documents and Settings\Sally\Desktop\03312014_200957.log
2014-03-27 20:35 - 2014-03-27 20:35 - 00000000 ____D () C:\Documents and Settings\Sally\Application Data\FixZeroAccess
2014-03-26 22:03 - 2014-03-26 22:03 - 00147456 _____ () C:\Documents and Settings\Rachael\Desktop\catchme.exe
2014-03-26 22:03 - 2014-03-26 22:03 - 00000091 _____ () C:\Documents and Settings\Rachael\Desktop\catchme.log
2014-03-26 21:46 - 2014-03-26 21:46 - 00000000 ____D () C:\Documents and Settings\Rachael\Doctor Web
2014-03-26 21:41 - 2014-03-26 21:46 - 145443264 _____ () C:\Documents and Settings\Rachael\Desktop\fx9c36qj.exe
2014-03-26 21:03 - 2014-03-26 21:03 - 00001855 _____ () C:\Documents and Settings\Rachael\Desktop\aswMBR.txt
2014-03-26 21:03 - 2014-03-26 21:03 - 00000512 _____ () C:\Documents and Settings\Rachael\Desktop\MBR.dat
2014-03-26 21:01 - 2014-03-26 21:01 - 04745728 _____ (AVAST Software) C:\Documents and Settings\Rachael\Desktop\aswmbr.exe
2014-03-26 20:54 - 2014-03-26 20:54 - 00104762 _____ () C:\Documents and Settings\Rachael\Desktop\OTL.Txt
2014-03-26 20:54 - 2014-03-26 20:54 - 00053282 _____ () C:\Documents and Settings\Rachael\Desktop\Extras.Txt
2014-03-26 15:50 - 2014-03-26 15:50 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Rachael\Desktop\OTL.exe
2014-03-26 15:47 - 2014-03-26 15:47 - 00000000 __SHD () C:\Documents and Settings\Rachael\IECompatCache
2014-03-26 15:47 - 2014-03-26 15:47 - 00000000 ____D () C:\Documents and Settings\Rachael\Application Data\RealNetworks
2014-03-26 15:45 - 2014-03-26 15:46 - 00000643 _____ () C:\WINDOWS\wmsetup.log
2014-03-24 23:39 - 2014-03-24 23:39 - 03825540 _____ () C:\Documents and Settings\Sally\Desktop\reg009-OTL does not like.reg
2014-03-24 22:39 - 2014-03-31 20:08 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Sally\Desktop\OTL.exe
2014-03-24 01:05 - 2014-03-26 15:34 - 00007128 _____ () C:\WINDOWS\setupapi.log
2014-03-24 00:38 - 2014-03-24 00:38 - 00020631 _____ () C:\ComboFix.txt
2014-03-23 23:42 - 2014-03-24 22:33 - 00000000 ____D () C:\Qoobox
2014-03-23 22:36 - 2014-03-23 22:36 - 00117752 _____ () C:\Documents and Settings\
Administrator\My Documents\OTL1.Txt
2014-03-23 22:36 - 2014-03-23 22:36 - 00050778 _____ () C:\Documents and Settings\
Administrator\My Documents\Extras1.Txt
2014-03-23 22:32 - 2014-03-23 09:08 - 00000634 _____ () C:\Documents and Settings\
Administrator\Desktop\otlscript.txt
2014-03-23 22:28 - 2014-03-23 22:28 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\
Administrator\Desktop\TFC.exe
2014-03-23 22:27 - 2014-03-23 22:27 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\
Administrator\Desktop\OTL.exe
2014-03-23 22:26 - 2014-03-23 22:26 - 00000000 __SHD () C:\Documents and Settings\
Administrator\IECompatCache
2014-03-23 22:26 - 2014-03-23 22:26 - 00000000 ____D () C:\Documents and Settings\
Administrator\Application Data\Macromedia
2014-03-23 19:23 - 2014-03-23 19:23 - 00001754 _____ () C:\Documents and Settings\Sally\Desktop\VirusTotal Uploader 2.2.lnk
2014-03-23 19:23 - 2014-03-23 19:23 - 00000000 ____D () C:\Program Files\VirusTotalUploader2
2014-03-23 19:23 - 2014-03-23 19:23 - 00000000 ____D () C:\Documents and Settings\Sally\Start Menu\Programs\VirusTotal Uploader 2.2
2014-03-23 15:49 - 2014-03-23 15:49 - 00000000 ____D () C:\_OTL
2014-03-23 09:04 - 2014-03-23 08:56 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Sally\Desktop\Copy of OTL.exe
2014-03-22 15:17 - 2014-03-22 15:17 - 00000000 __SHD () C:\Documents and Settings\
Administrator\PrivacIE
2014-03-22 15:17 - 2014-03-22 15:17 - 00000000 ____D () C:\Documents and Settings\
Administrator\Application Data\Adobe
2014-03-16 12:36 - 2014-03-31 20:11 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-16 12:36 - 2014-03-16 12:51 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-16 02:37 - 2014-03-16 02:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-16 02:04 - 2014-02-26 02:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-03-16 02:04 - 2014-02-26 02:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-03-16 01:44 - 2014-03-24 00:09 - 00000728 _____ () C:\Documents and Settings\
Administrator\Desktop\catchme.log
2014-03-16 01:44 - 2014-03-16 01:35 - 00147456 _____ () C:\Documents and Settings\
Administrator\Desktop\catchme.exe
2014-03-16 01:42 - 2014-03-16 01:42 - 00000000 __SHD () C:\Documents and Settings\
Administrator\IETldCache
2014-03-16 01:17 - 2014-03-16 01:17 - 00147456 _____ () C:\Documents and Settings\Gary\Desktop\catchme.exe
2014-03-16 01:15 - 2014-03-16 01:15 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\RealNetworks
2014-03-15 00:38 - 2014-03-26 15:45 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-03-15 00:17 - 2014-03-16 01:22 - 00000455 _____ () C:\Documents and Settings\Gary\Desktop\catchme.log
2014-03-14 22:56 - 2014-03-14 22:56 - 00060016 _____ () C:\RootRepeal report 03-14-14 (21-56-02).txt
2014-03-14 22:35 - 2014-03-14 22:38 - 00000015 _____ () C:\Documents and Settings\Sally\Desktop\settings.dat
2014-03-14 19:15 - 2014-03-14 19:19 - 00000000 ____D () C:\Documents and Settings\Sally\Application Data\wsInspector
2014-03-14 19:13 - 2014-03-14 19:13 - 00000766 _____ () C:\Documents and Settings\Sally\Desktop\Startup Inspector for Windows.lnk
2014-03-14 19:13 - 2014-03-14 19:13 - 00000000 ____D () C:\Documents and Settings\Sally\My Documents\wsInspector
2014-03-14 17:48 - 2014-03-14 17:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-14 17:44 - 2014-03-14 17:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-01 21:48 - 2014-03-01 21:48 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SlySoft
2014-03-01 15:22 - 2014-03-01 15:22 - 00000782 _____ () C:\Documents and Settings\All Users\Desktop\CloneCD.lnk
2014-03-01 15:21 - 2014-03-01 15:21 - 00000000 ____D () C:\Program Files\SlySoft
2014-03-01 15:21 - 2014-03-01 15:21 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SlySoft
2014-03-01 12:15 - 2014-03-01 12:15 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2014-03-01 12:14 - 2014-03-01 12:15 - 00000000 ____D () C:\Program Files\QuickTime
2014-03-01 11:54 - 2014-03-01 11:54 - 00001558 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2014-03-01 11:54 - 2014-03-01 11:54 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2014-03-01 11:51 - 2014-03-01 11:53 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-03-01 11:21 - 2014-03-01 11:21 - 00000000 ____D () C:\Documents and Settings\Sally\Local Settings\Application Data\Skype
2014-03-01 10:33 - 2014-03-01 10:33 - 00000000 ____D () C:\Documents and Settings\Sally\Local Settings\Application Data\Opera Software
2014-03-01 10:33 - 2014-03-01 10:33 - 00000000 ____D () C:\Documents and Settings\Sally\Application Data\Opera Software
==================== One Month Modified Files and Folders =======
2014-03-31 22:17 - 2010-08-19 17:30 - 00000420 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{590D0C85-5D8A-458F-87E7-F9EFAE2F358A}.job
2014-03-31 22:16 - 2014-03-31 22:16 - 00000000 ____D () C:\FRST
2014-03-31 22:16 - 2009-10-27 00:28 - 00000420 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{4D5D3230-4EAE-493D-918D-BECD68FA5DAC}.job
2014-03-31 22:15 - 2014-01-19 15:27 - 00000000 ____D () C:\Documents and Settings\Sally\My Documents\2014 Gary
2014-03-31 22:15 - 2012-04-13 21:17 - 00000426 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{F753D7C8-3562-4E8D-A57C-7C8027CB7A0C}.job
2014-03-31 22:14 - 2009-12-28 22:44 - 00000422 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{33F4E96D-A646-4D58-829B-31D1A666AAE9}.job
2014-03-31 21:59 - 2012-09-22 15:27 - 00032186 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-31 20:23 - 2011-06-28 17:57 - 00000000 _____ () C:\WINDOWS\RTacDbg.txt
2014-03-31 20:16 - 2014-03-31 20:16 - 00022794 _____ () C:\Documents and Settings\Sally\Desktop\03312014_200957.log
2014-03-31 20:12 - 2009-10-25 00:37 - 01263843 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-31 20:11 - 2014-03-16 12:36 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-31 20:11 - 2009-10-25 00:38 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-31 20:11 - 2009-10-25 00:38 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-31 20:11 - 2004-08-10 14:08 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-31 20:11 - 2004-08-10 13:51 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-31 20:10 - 2005-12-25 11:57 - 00000278 ___SH () C:\Documents and Settings\Sally\ntuser.ini
2014-03-31 20:08 - 2014-03-24 22:39 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Sally\Desktop\OTL.exe
2014-03-31 20:00 - 2004-08-10 14:02 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-03-31 19:50 - 2007-09-11 17:07 - 00106560 _____ () C:\Documents and Settings\Sally\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-03-31 19:36 - 2005-12-21 03:24 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-03-31 19:35 - 2005-12-21 03:24 - 00000000 ____D () C:\Program Files\Java
2014-03-31 19:31 - 2004-08-10 13:57 - 00610056 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-31 19:30 - 2005-12-21 03:30 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Viewpoint
2014-03-28 10:20 - 2004-08-10 13:51 - 00000895 _____ () C:\WINDOWS\win.ini
2014-03-27 20:35 - 2014-03-27 20:35 - 00000000 ____D () C:\Documents and Settings\Sally\Application Data\FixZeroAccess
2014-03-26 22:19 - 2007-08-10 10:54 - 00000000 ____D () C:\Program Files\Microsoft ActiveSync
2014-03-26 22:18 - 2005-12-25 08:42 - 00000178 ___SH () C:\Documents and Settings\Rachael\ntuser.ini
2014-03-26 22:17 - 2004-08-10 13:52 - 00000000 ____D () C:\WINDOWS\Help
2014-03-26 22:08 - 2014-01-19 14:52 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-26 22:08 - 2013-11-16 00:51 - 00000280 _____ () C:\WINDOWS\Tasks\SmartDefrag_Startup.job
2014-03-26 22:08 - 2013-11-16 00:51 - 00000278 _____ () C:\WINDOWS\Tasks\SmartDefragUpdate.job
2014-03-26 22:08 - 2013-02-19 18:52 - 00000884 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-26 22:08 - 2013-02-19 18:52 - 00000880 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-26 22:08 - 2012-12-28 22:36 - 00000282 _____ () C:\WINDOWS\Tasks\SmartDefrag_Schedule.job
2014-03-26 22:08 - 2012-09-09 17:16 - 00000978 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3753000303-1846566046-2363456648-1009UA.job
2014-03-26 22:08 - 2012-09-09 17:16 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3753000303-1846566046-2363456648-1009Core.job
2014-03-26 22:08 - 2011-11-14 17:21 - 00000284 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-3753000303-1846566046-2363456648-1008.job
2014-03-26 22:08 - 2011-11-14 17:21 - 00000276 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-3753000303-1846566046-2363456648-1008.job
2014-03-26 22:08 - 2011-11-11 20:54 - 00000286 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-3753000303-1846566046-2363456648-1009.job
2014-03-26 22:08 - 2011-11-11 20:54 - 00000278 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-3753000303-1846566046-2363456648-1009.job
2014-03-26 22:08 - 2011-08-16 17:03 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-03-26 22:08 - 2010-09-08 19:01 - 00000974 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3753000303-1846566046-2363456648-1008UA.job
2014-03-26 22:08 - 2010-09-08 19:01 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3753000303-1846566046-2363456648-1008Core.job
2014-03-26 22:03 - 2014-03-26 22:03 - 00147456 _____ () C:\Documents and Settings\Rachael\Desktop\catchme.exe
2014-03-26 22:03 - 2014-03-26 22:03 - 00000091 _____ () C:\Documents and Settings\Rachael\Desktop\catchme.log
2014-03-26 21:46 - 2014-03-26 21:46 - 00000000 ____D () C:\Documents and Settings\Rachael\Doctor Web
2014-03-26 21:46 - 2014-03-26 21:41 - 145443264 _____ () C:\Documents and Settings\Rachael\Desktop\fx9c36qj.exe
2014-03-26 21:46 - 2005-12-25 08:42 - 00000000 ____D () C:\Documents and Settings\Rachael
2014-03-26 21:03 - 2014-03-26 21:03 - 00001855 _____ () C:\Documents and Settings\Rachael\Desktop\aswMBR.txt
2014-03-26 21:03 - 2014-03-26 21:03 - 00000512 _____ () C:\Documents and Settings\Rachael\Desktop\MBR.dat
2014-03-26 21:01 - 2014-03-26 21:01 - 04745728 _____ (AVAST Software) C:\Documents and Settings\Rachael\Desktop\aswmbr.exe
2014-03-26 20:54 - 2014-03-26 20:54 - 00104762 _____ () C:\Documents and Settings\Rachael\Desktop\OTL.Txt
2014-03-26 20:54 - 2014-03-26 20:54 - 00053282 _____ () C:\Documents and Settings\Rachael\Desktop\Extras.Txt
2014-03-26 15:50 - 2014-03-26 15:50 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Rachael\Desktop\OTL.exe
2014-03-26 15:47 - 2014-03-26 15:47 - 00000000 __SHD () C:\Documents and Settings\Rachael\IECompatCache
2014-03-26 15:47 - 2014-03-26 15:47 - 00000000 ____D () C:\Documents and Settings\Rachael\Application Data\RealNetworks
2014-03-26 15:46 - 2014-03-26 15:45 - 00000643 _____ () C:\WINDOWS\wmsetup.log
2014-03-26 15:46 - 2005-12-25 08:42 - 00000804 _____ () C:\Documents and Settings\Rachael\Start Menu\Programs\Windows Media Player.lnk
2014-03-26 15:45 - 2014-03-15 00:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-03-26 15:34 - 2014-03-24 01:05 - 00007128 _____ () C:\WINDOWS\setupapi.log
2014-03-24 23:39 - 2014-03-24 23:39 - 03825540 _____ () C:\Documents and Settings\Sally\Desktop\reg009-OTL does not like.reg
2014-03-24 22:33 - 2014-03-23 23:42 - 00000000 ____D () C:\Qoobox
2014-03-24 22:33 - 2009-10-24 23:56 - 00000000 ____D () C:\WINDOWS\ERDNT
2014-03-24 20:44 - 2004-08-10 14:08 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-03-24 00:43 - 2004-08-10 14:08 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-03-24 00:42 - 2006-01-03 21:53 - 00000178 ___SH () C:\Documents and Settings\
Administrator\ntuser.ini
2014-03-24 00:38 - 2014-03-24 00:38 - 00020631 _____ () C:\ComboFix.txt
2014-03-24 00:35 - 2004-08-10 13:51 - 00000255 _____ () C:\WINDOWS\system.ini
2014-03-24 00:09 - 2014-03-16 01:44 - 00000728 _____ () C:\Documents and Settings\
Administrator\Desktop\catchme.log
2014-03-23 22:36 - 2014-03-23 22:36 - 00117752 _____ () C:\Documents and Settings\
Administrator\My Documents\OTL1.Txt
2014-03-23 22:36 - 2014-03-23 22:36 - 00050778 _____ () C:\Documents and Settings\
Administrator\My Documents\Extras1.Txt
2014-03-23 22:28 - 2014-03-23 22:28 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\
Administrator\Desktop\TFC.exe
2014-03-23 22:27 - 2014-03-23 22:27 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\
Administrator\Desktop\OTL.exe
2014-03-23 22:26 - 2014-03-23 22:26 - 00000000 __SHD () C:\Documents and Settings\
Administrator\IECompatCache
2014-03-23 22:26 - 2014-03-23 22:26 - 00000000 ____D () C:\Documents and Settings\
Administrator\Application Data\Macromedia
2014-03-23 22:26 - 2006-01-03 21:53 - 00000000 ____D () C:\Documents and Settings\
Administrator
2014-03-23 19:45 - 2012-07-08 19:53 - 00000000 ____D () C:\Documents and Settings\Sally\My Documents\2012 Gary
2014-03-23 19:23 - 2014-03-23 19:23 - 00001754 _____ () C:\Documents and Settings\Sally\Desktop\VirusTotal Uploader 2.2.lnk
2014-03-23 19:23 - 2014-03-23 19:23 - 00000000 ____D () C:\Program Files\VirusTotalUploader2
2014-03-23 19:23 - 2014-03-23 19:23 - 00000000 ____D () C:\Documents and Settings\Sally\Start Menu\Programs\VirusTotal Uploader 2.2
2014-03-23 19:19 - 2009-11-08 09:10 - 00000000 ____D () C:\Documents and Settings\Sally\Tracing
2014-03-23 16:04 - 2006-05-27 20:26 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-03-23 15:49 - 2014-03-23 15:49 - 00000000 ____D () C:\_OTL
2014-03-23 15:44 - 2004-08-10 13:57 - 00359344 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-23 09:08 - 2014-03-23 22:32 - 00000634 _____ () C:\Documents and Settings\
Administrator\Desktop\otlscript.txt
2014-03-23 08:56 - 2014-03-23 09:04 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Sally\Desktop\Copy of OTL.exe
2014-03-22 19:13 - 2011-10-23 17:35 - 00000000 ____D () C:\Program Files\Opera
2014-03-22 15:17 - 2014-03-22 15:17 - 00000000 __SHD () C:\Documents and Settings\
Administrator\PrivacIE
2014-03-22 15:17 - 2014-03-22 15:17 - 00000000 ____D () C:\Documents and Settings\
Administrator\Application Data\Adobe
2014-03-21 22:56 - 2005-12-25 11:57 - 00000000 ____D () C:\Documents and Settings\Sally
2014-03-19 22:30 - 2011-11-27 22:49 - 00000000 ____D () C:\Dell80GB_Master Paragon
2014-03-17 23:40 - 2013-08-05 12:05 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-17 23:32 - 2005-12-24 22:14 - 87350280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-16 12:51 - 2014-03-16 12:36 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-16 12:45 - 2012-09-09 17:19 - 00002300 _____ () C:\Documents and Settings\Sally\Desktop\Google Chrome.lnk
2014-03-16 02:37 - 2014-03-16 02:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-16 01:42 - 2014-03-16 01:42 - 00000000 __SHD () C:\Documents and Settings\
Administrator\IETldCache
2014-03-16 01:35 - 2014-03-16 01:44 - 00147456 _____ () C:\Documents and Settings\
Administrator\Desktop\catchme.exe
2014-03-16 01:34 - 2005-12-24 16:00 - 00000178 ___SH () C:\Documents and Settings\Gary\ntuser.ini
2014-03-16 01:22 - 2014-03-15 00:17 - 00000455 _____ () C:\Documents and Settings\Gary\Desktop\catchme.log
2014-03-16 01:17 - 2014-03-16 01:17 - 00147456 _____ () C:\Documents and Settings\Gary\Desktop\catchme.exe
2014-03-16 01:15 - 2014-03-16 01:15 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\RealNetworks
2014-03-16 01:15 - 2005-12-24 16:00 - 00000804 _____ () C:\Documents and Settings\Gary\Start Menu\Programs\Windows Media Player.lnk
2014-03-15 13:05 - 2006-02-28 22:01 - 00000000 ____D () C:\Documents and Settings\Sally\Application Data\Adobe
2014-03-15 13:04 - 2010-06-04 10:37 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2014-03-15 13:03 - 2006-02-28 22:01 - 00000000 ____D () C:\Documents and Settings\Sally\Local Settings\Application Data\Adobe
2014-03-14 22:56 - 2014-03-14 22:56 - 00060016 _____ () C:\RootRepeal report 03-14-14 (21-56-02).txt
2014-03-14 22:38 - 2014-03-14 22:35 - 00000015 _____ () C:\Documents and Settings\Sally\Desktop\settings.dat
2014-03-14 19:55 - 2008-02-28 21:29 - 00000000 ____D () C:\Program Files\Windows Live
2014-03-14 19:54 - 2010-10-21 20:44 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-03-14 19:54 - 2010-10-21 20:44 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\DVDVideoSoft
2014-03-14 19:49 - 2013-03-31 11:13 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
2014-03-14 19:19 - 2014-03-14 19:15 - 00000000 ____D () C:\Documents and Settings\Sally\Application Data\wsInspector
2014-03-14 19:13 - 2014-03-14 19:13 - 00000766 _____ () C:\Documents and Settings\Sally\Desktop\Startup Inspector for Windows.lnk
2014-03-14 19:13 - 2014-03-14 19:13 - 00000000 ____D () C:\Documents and Settings\Sally\My Documents\wsInspector
2014-03-14 19:13 - 2007-02-11 15:54 - 00000000 ____D () C:\Program Files\Startup Inspector for Windows
2014-03-14 19:13 - 2007-02-11 15:54 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Startup Inspector for Windows
2014-03-14 19:01 - 2013-03-31 11:14 - 00000000 ____D () C:\Documents and Settings\Sally\Application Data\Skype
2014-03-14 19:01 - 2004-08-10 14:01 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-03-14 18:24 - 2012-02-17 22:11 - 00000000 ____D () C:\Documents and Settings\Sally\Application Data\IObit
2014-03-14 18:04 - 2008-04-09 22:30 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 17:49 - 2009-10-26 23:55 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-03-14 17:48 - 2014-03-14 17:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-14 17:44 - 2014-03-14 17:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-14 17:42 - 2010-06-04 12:45 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2014-03-11 20:52 - 2014-01-19 14:52 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-11 20:52 - 2014-01-19 14:52 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-01 21:48 - 2014-03-01 21:48 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SlySoft
2014-03-01 15:37 - 2007-01-20 20:14 - 00000108 ___SH () C:\Documents and Settings\All Users\Application Data\.zreglib
2014-03-01 15:22 - 2014-03-01 15:22 - 00000782 _____ () C:\Documents and Settings\All Users\Desktop\CloneCD.lnk
2014-03-01 15:21 - 2014-03-01 15:21 - 00000000 ____D () C:\Program Files\SlySoft
2014-03-01 15:21 - 2014-03-01 15:21 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SlySoft
2014-03-01 14:46 - 2006-12-18 16:37 - 00000000 ____D () C:\Documents and Settings\Sally\Local Settings\Application Data\Ahead
2014-03-01 14:35 - 2006-06-04 14:44 - 00000000 ____D () C:\Documents and Settings\Sally\Application Data\Real
2014-03-01 13:13 - 2013-02-24 00:36 - 00000000 ____D () C:\Documents and Settings\Sally\My Documents\2013
2014-03-01 12:50 - 2012-06-12 00:29 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-01 12:15 - 2014-03-01 12:15 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2014-03-01 12:15 - 2014-03-01 12:14 - 00000000 ____D () C:\Program Files\QuickTime
2014-03-01 11:54 - 2014-03-01 11:54 - 00001558 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2014-03-01 11:54 - 2014-03-01 11:54 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2014-03-01 11:53 - 2014-03-01 11:51 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-03-01 11:53 - 2008-09-14 10:09 - 00000000 ____D () C:\Program Files\iTunes
2014-03-01 11:51 - 2008-09-14 10:09 - 00000000 ____D () C:\Program Files\iPod
2014-03-01 11:35 - 2007-12-26 20:37 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple
2014-03-01 11:21 - 2014-03-01 11:21 - 00000000 ____D () C:\Documents and Settings\Sally\Local Settings\Application Data\Skype
2014-03-01 11:06 - 2005-12-21 03:33 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-01 10:44 - 2012-04-02 16:26 - 00000746 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2014-03-01 10:44 - 2005-12-21 03:33 - 00000740 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2014-03-01 10:33 - 2014-03-01 10:33 - 00000000 ____D () C:\Documents and Settings\Sally\Local Settings\Application Data\Opera Software
2014-03-01 10:33 - 2014-03-01 10:33 - 00000000 ____D () C:\Documents and Settings\Sally\Application Data\Opera Software
Some content of TEMP:
====================
C:\Documents and Settings\Rachael\Local Settings\temp\catchme.dll
C:\Documents and Settings\Sally\Local Settings\temp\catchme.dll
C:\Documents and Settings\Sally\Local Settings\temp\vmpremov.exe
==================== Bamital & volsnap Check =================
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014 01
Ran by Sally at 2014-03-31 22:18:00
Running from C:\Documents and Settings\Sally\My Documents\2014 Gary\farbar
Boot Mode: Normal
==========================================================
==================== Security Center ========================
==================== Installed Programs ======================
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.1.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.1.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARTEuro (HKLM\...\{1D3C662A-F6C6-4767-A788-7AA43A9A1317}) (Version: 1.00.0000 - Dell)
AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Belarc Advisor 7.2 (HKLM\...\Belarc Advisor 2.0) (Version: - )
BlueSoleil (HKLM\...\{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}) (Version: - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BT Access Manager (HKLM\...\{6F0A34C6-D0F5-4163-B9FF-0839849238F3}) (Version: 81.0.0 - British Telecommunications Plc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.23 - Piriform)
Cloanto MenuBox (HKLM\...\{192E534C-3761-4CF6-A193-62F8A9A1D5F9}) (Version: 3.2.0 - Cloanto)
CloneCD (HKLM\...\CloneCD) (Version: - SlySoft)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coupon Printer (HKLM\...\Coupon Printer2.2.0.1) (Version: 2.2.0.1 - Coupons.com Inc.) <==== ATTENTION
Data Lifeguard Diagnostic for Windows 1.24 (HKLM\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
dBpoweramp Windows Media Audio 10 Codec (HKLM\...\dBpoweramp Windows Media Audio 10 Codec) (Version: - )
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell Driver Reset Tool (HKLM\...\{5905F42D-3F5F-4916-ADA6-94A3646AEE76}) (Version: 1.02.0000 - Dell Inc.)
Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
Direct Show Ogg Vorbis Filter (remove only) (HKLM\...\OggDS) (Version: - )
DivX (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.0 - DivXNetworks, Inc.)
DivX Content Uploader (HKLM\...\{D050D7362D214723AD585B541FFB6C11}) (Version: 1.2.1 - DivX, Inc.)
DivX Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.3.1 - DivX,Inc.)
DMX Update (HKLM\...\{BE8913B7-B2C4-48BE-8A26-84390FF4F231}) (Version: - )
Download Accelerator Plus (DAP) (HKLM\...\Download Accelerator Plus (DAP)) (Version: 8555 (Build 292) - Speedbit Ltd.)
Driver Genius Professional Edition 2006 6.2.1525 (HKLM\...\Driver Genius Professional Edition 2006_is1) (Version: - Driver-Soft Inc.)
DriverGuide DriverScan (HKLM\...\DriverGuide DriverScan) (Version: 0.0.41 - )
DVD Decrypter (Remove Only) (HKLM\...\DVD Decrypter) (Version: - )
DVD X Maker (HKLM\...\{79AD0F42-5C08-4A01-9EBF-2A1F78FC4C7E}) (Version: 2.1 - 321 Studios, Inc.)
DVD43 v4.4.0 (HKLM\...\DVD43_is1) (Version: - )
Eye Candy 4000 (HKLM\...\Eye Candy 4000) (Version: - )
Free Audio CD Burner version 1.4 (HKLM\...\Free Audio CD Burner_is1) (Version: - DVDVideoSoft Limited.)
Free WMA to MP3 Converter 1.16 (HKLM\...\Free WMA to MP3 Converter_is1) (Version: - Jodix Technologies Ltd.)
Free YouTube to MP3 Converter version 3.9 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: - DVDVideoSoft Limited.)
GearDrivers (HKLM\...\GearDrivers) (Version: - )
Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
HighMAT Extension to Microsoft Windows XP CD Writing Wizard (HKLM\...\{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}) (Version: 1.1.1905.1 - Microsoft Corporation)
hp deskjet 6122 (HKLM\...\{E1F4FB82-3EA6-46B6-A18A-9B3A62DA393E}) (Version: 1.01.0000 - Hewlett-Packard)
hp deskjet 990c series (HKLM\...\hp deskjet 990c series_Driver) (Version: - )
HP USB Disk Storage Format Tool (HKLM\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version: - )
HTML Slideshow Powertoy for Windows XP (HKLM\...\{4E475FD4-4513-4B1D-8DDA-43912B068C99}) (Version: 1.0.2.0 - Microsoft Corporation)
HxD Hex Editor version 1.7.7.0 (HKLM\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4543 - )
Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version: - )
Internet Explorer Default Page (Version: 1.00.03 - Dell Inc.) Hidden
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
KaraFun 1.01b (HKLM\...\KaraFun_is1) (Version: - )
Kids Tables and Time (HKLM\...\Kids Tables and Time) (Version: - )
Learn2 Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version: - )
Logitech IM Video Companion (HKLM\...\{984F10FD-11FD-4BED-8163-92DB81E6A825}) (Version: 1.0.1.1184 - Logitech)
Logitech ImageStudio (HKLM\...\{5A24DD7E-7B01-41AC-ADA8-F1776177A3BA}) (Version: 7.20.0000 - Logitech, Inc.)
Magic ISO Maker v5.5 (build 0281) (HKLM\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )
Map Button (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
Match-Up! (HKLM\...\{439800C9-FD42-4EA3-94D2-063DF0926873}) (Version: 1.0.0 - Microsoft)
MCU (Version: 1.00.0000 - Dell) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Image Composer 1.5 (HKLM\...\Image Composer) (Version: - )
Microsoft Internationalized Domain Names Mitigation APIs (Version: - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 (Version: - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version: - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version: - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Search Enhancement Pack (Version: 3.0.127.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version: - )
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Word 97 (HKLM\...\Word8.0) (Version: - )
Microsoft Works 7.0 (HKLM\...\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}) (Version: 07.02.0620 - Microsoft Corporation)
Mixer (HKLM\...\MIXERLITE) (Version: - )
Mozilla Firefox 27.0 (x86 en-GB) (HKLM\...\Mozilla Firefox 27.0 (x86 en-GB)) (Version: 27.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0 - Mozilla)
MP3 Player Utilities 4.11 (HKLM\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.11 - )
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
My DSC (HKLM\...\{225AF9A1-B556-88D5-94AA-0010B5426419}) (Version: - )
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Nero 7 Ultra Edition (HKLM\...\{29CBFC23-05A7-4286-93B8-BABE29BC1033}) (Version: 7.03.0637 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
OneCare Advisor (Windows Live Toolbar) (Version: 03.01.0072 - Microsoft Corporation) Hidden
Opera Stable 19.0.1326.63 (HKCU\...\Opera 19.0.1326.63) (Version: 19.0.1326.63 - Opera Software ASA)
PC Camera (HKLM\...\InstallShield_{5383D15F-68A1-4F67-A73E-E6F94949BFEE}) (Version: 0.1.1.9 - PC Camera)
PC Camera (Version: 0.1.1.9 - PC Camera) Hidden
PE Builder 3.1.10a (HKLM\...\PE Builder_is1) (Version: - Bart Lagerweij)
Picasa 2 (HKLM\...\Picasa2) (Version: 2.0 - Google, Inc.)
Pippa Funnell (HKLM\...\{EF5A6DD8-4A03-4BDD-A7C3-5CA2FF02DCFA}) (Version: 1.00.000 - )
PowerDVD 5.9 (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
REALTEK RTL8185 Wireless LAN Software (HKLM\...\{EF72E0A5-57E8-471F-837E-82BB19771363}) (Version: 1.00.0145 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roxio Activation Module (Version: 1.0 - Roxio) Hidden
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Master (HKLM\...\{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}) (Version: 1.0.43 - Samsung)
Samsung USB Driver (HKLM\...\{86D6A20D-3910-4441-A3E5-EB6977251C86}) (Version: 1.0 - Samsung Techwin)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.0 - Seagate Technology)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Shared C Run-time for x86 (Version: 10.0.0 - ) Hidden
Shopping Centre Tycoon (HKLM\...\Shopping Centre Tycoon) (Version: 1.00 - Deep Silver)
SightSpeed (remove only) (HKLM\...\SightSpeed) (Version: 5.0 (5018) - SightSpeed Inc.)
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.4600.0 - SigmaTel)
Smart Defrag 2 (HKLM\...\Smart Defrag 2_is1) (Version: 2.9 - IObit)
Smart Menus (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
Sonic Audio module (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0.1 - Sonic Solutions)
Sonic Copy Module (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0.1 - Sonic Solutions)
Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0.1 - Sonic Solutions)
Sony Ericsson PC Suite (HKLM\...\{5F0FC860-ADE1-4B2D-B0A9-CB9FB17C46E8}) (Version: 1.30.52 - Sony Ericsson)
Sony Ericsson Update Service (HKLM\...\Update Service) (Version: 2.11.7.13 - Sony Ericsson Mobile Communications AB)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Super DVD Ripper (remove only) (HKLM\...\x2VCD) (Version: - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tabbed Browsing (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
TextAloud MP3 (HKLM\...\TextAloud MP3_is1) (Version: - )
The Sims 2 (HKLM\...\{8AB8D458-939E-403F-0097-9BA1C1F013D5}) (Version: - )
The Sims 2 Glamour Life Stuff (HKLM\...\{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}) (Version: - )
The Sims 2 Nightlife (HKLM\...\{F7529650-B9DB-481B-0089-A2AC3C2821C1}) (Version: - )
The Sims 2 Open For Business (HKLM\...\{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}) (Version: - )
The Sims 2 Pets (HKLM\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version: - )
The Sims 2 University (HKLM\...\{01521746-02A6-4A72-00BD-A285DF6B80C6}) (Version: - )
The Sims 2 Bon Voyage (HKLM\...\{F248ADFA-64E0-4b03-8A83-059078BED6A0}) (Version: - Electronic Arts)
The Sims 2 H&M® Fashion Stuff (HKLM\...\{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}) (Version: - )
The Sims 2 Seasons (HKLM\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version: - )
Theme Hospital (HKLM\...\Hospital) (Version: - )
Theme Park World (HKLM\...\Theme Park World) (Version: - )
TomTom HOME 2.7.6.2056 (HKLM\...\TomTom HOME) (Version: 2.7.6.2056 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Ulead MediaStudio Pro 7.0 Video Edition (HKLM\...\{4D701F5D-F149-4FAC-AAA2-A36C088C5FE3}) (Version: 7.0 - Ulead Systems, Inc.)
Ulead Photo Express 4.0 SE (HKLM\...\{BBC0D330-C37B-4472-BFB9-AA217CF0C95F}) (Version: - )
Uninstall Startup Inspector (HKLM\...\{DE114695-AE58-4B66-8E0F-2505188602FB}_is1) (Version: - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft Windows (KB971513) (HKLM\...\KB971513) (Version: - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2362765) (HKLM\...\KB2362765-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2447568) (HKLM\...\KB2447568-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB975364) (HKLM\...\KB975364-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976749) (HKLM\...\KB976749-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB980302) (HKLM\...\KB980302-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB982632) (HKLM\...\KB982632-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2808679) (HKLM\...\KB2808679) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
V3780s User's Manual (HKLM\...\V3780s User's Manual) (Version: - )
VirusTotal Uploader 2.2 (HKLM\...\VTUploader) (Version: - )
WavePad Uninstall (HKLM\...\WavePad) (Version: - )
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.7.0017.0 - Microsoft Corporation)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0 - Microsoft) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Internet Explorer 7 (Version: 20061107.210142 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8118.427 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Outlook Toolbar (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Toolbar Extension (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
Windows Live Toolbar Feed Detector (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Connect (Version: - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
Windows Media Encoder 9 Series (Version: 9.00.2980 - Microsoft Corporation) Hidden
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Format 9 Series SDK (HKLM\...\{EEE0F0A7-6B7D-4D1E-9498-43D9D012DDF7}) (Version: 9.0.0.2980 - Microsoft Corporation)
Windows Media Format SDK Hotfix - KB891122 (Version: - Microsoft Corporation) Hidden
Windows Media Player 10 Hotfix - KB888656 (Version: - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
Windows Presentation Foundation (Version: 3.0.6920.0 - Microsoft Corporation) Hidden
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinHex (HKLM\...\WinHex) (Version: - )
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
WinZip (HKLM\...\WinZip) (Version: 9.0 (6028) - WinZip Computing, Inc.)
XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden
XviD MPEG-4 Video Codec (HKLM\...\xvid) (Version: - XviD Development Team)
YBS Account Aggregation (HKLM\...\{CC8A563E-7D2D-4589-B628-4379F1E8D4E1}) (Version: 1.0.197 - YBS)
Zoo Tycoon: Complete Collection (HKLM\...\Zoo Tycoon 1.0) (Version: - )
==================== Restore Points =========================
31-03-2014 19:00:18 System Checkpoint
31-03-2014 19:20:46 OTL Restore Point - 31/03/2014 20:20:36
==================== Hosts content: ==========================
2004-08-10 13:51 - 2014-03-24 00:34 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3753000303-1846566046-2363456648-1008Core.job => C:\Documents and Settings\Lucy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3753000303-1846566046-2363456648-1008UA.job => C:\Documents and Settings\Lucy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3753000303-1846566046-2363456648-1009Core.job => C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3753000303-1846566046-2363456648-1009UA.job => C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-3753000303-1846566046-2363456648-1008.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-3753000303-1846566046-2363456648-1009.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-3753000303-1846566046-2363456648-1008.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-3753000303-1846566046-2363456648-1009.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\SmartDefragUpdate.job => C:\Program Files\IObit\Smart Defrag 2\AutoUpdate.exe
Task: C:\WINDOWS\Tasks\SmartDefrag_Schedule.job => C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
Task: C:\WINDOWS\Tasks\SmartDefrag_Startup.job => C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{33F4E96D-A646-4D58-829B-31D1A666AAE9}.job => C:\WINDOWS\system32\msfeedssync.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{4D5D3230-4EAE-493D-918D-BECD68FA5DAC}.job => C:\WINDOWS\system32\msfeedssync.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{590D0C85-5D8A-458F-87E7-F9EFAE2F358A}.job => C:\WINDOWS\system32\msfeedssync.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{F753D7C8-3562-4E8D-A57C-7C8027CB7A0C}.job => C:\WINDOWS\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
2013-08-14 16:19 - 2013-08-14 16:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2012-12-02 13:55 - 2009-12-09 22:20 - 00126976 _____ () C:\Program Files\REALTEK\RTL8185 Wireless LAN Utility\EnumDevLib.dll
2012-12-02 13:55 - 2007-07-12 12:11 - 01163264 _____ () C:\Program Files\REALTEK\RTL8185 Wireless LAN Utility\acAuth.dll
2014-03-16 12:45 - 2014-03-15 01:50 - 00051016 _____ () C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-16 12:45 - 2014-03-15 01:50 - 04061000 _____ () C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-16 12:45 - 2014-03-15 01:50 - 00394568 _____ () C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-16 12:45 - 2014-03-15 01:50 - 01647432 _____ () C:\Documents and Settings\Sally\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Documents and Settings\
Administrator\Desktop\catchme.exe:SummaryInformation
AlternateDataStreams: C:\Documents and Settings\
Administrator\Desktop\catchme.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Documents and Settings\Gary\My Documents\Nero6 OEM Serial for Dell PC.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Documents and Settings\Gary\My Documents\Roxio Trial Serial.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Documents and Settings\Lucy\My Documents\EA Games:Roxio EMC Stream
AlternateDataStreams: C:\Documents and Settings\Rachael\My Documents\EA Games:Roxio EMC Stream
AlternateDataStreams: C:\Documents and Settings\Sally\Desktop\Copy of OTL.exe:SummaryInformation
AlternateDataStreams: C:\Documents and Settings\Sally\Desktop\Copy of OTL.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Documents and Settings\Sally\My Documents\My Received Files:Roxio EMC Stream
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Bluetooth HID Manager
Description: Bluetooth HID Manager
Class Guid: {D76B962B-F0B8-41F2-8590-6605FE4EA312}
Manufacturer: IVT Corporation
Service: BTHidMgr
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.
Name: Bluetooth HID Enum Device
Description: Bluetooth HID Enum Device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: IVT Corporation
Service: BTHidEnum
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.
Name: Bluetooth AV/HS Audio
Description: Bluetooth AV/HS Audio
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: IVT Corporation.
Service: BlueletAudio
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.
Name: Bluetooth PAN Network Adapter
Description: Bluetooth PAN Network Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: IVT Corporation
Service: BT
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/26/2014 03:31:29 PM) (Source: PerfNet) (User: )
Description: Unable to open the Server service. Server performance data
will not be returned. Error code returned is in data DWORD 0.
Error: (03/24/2014 00:46:27 AM) (Source: Application Error) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x715b9e59.
Processing media-specific event for [explorer.exe!ws!]
Error: (03/24/2014 00:25:52 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....authrootseq.txt> with error: This network connection does not exist.
Error: (03/24/2014 00:25:52 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....authrootseq.txt> with error: This network connection does not exist.
Error: (03/24/2014 00:25:52 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....authrootseq.txt> with error: A connection with the server could not be established
Error: (03/24/2014 00:25:48 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....authrootseq.txt> with error: A connection with the server could not be established
Error: (03/23/2014 11:50:45 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....authrootseq.txt> with error: This network connection does not exist.
Error: (03/23/2014 11:50:45 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....authrootseq.txt> with error: This network connection does not exist.
Error: (03/23/2014 11:50:45 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....authrootseq.txt> with error: A connection with the server could not be established
Error: (03/23/2014 11:50:40 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....authrootseq.txt> with error: A connection with the server could not be established
System errors:
=============
Error: (03/31/2014 08:11:30 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd
Error: (03/31/2014 08:09:58 PM) (Source: Service Control Manager) (User: )
Description: The TomTomHOMEService service terminated unexpectedly. It has done this 1 time(s).
Error: (03/31/2014 08:09:58 PM) (Source: Service Control Manager) (User: )
Description: The RealNetworks Downloader Resolver Service service terminated unexpectedly. It has done this 1 time(s).
Error: (03/31/2014 07:43:50 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd
Error: (03/31/2014 07:27:36 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd
Error: (03/28/2014 09:02:08 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd
Error: (03/27/2014 08:37:35 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
IntelIde
sptd
Error: (03/27/2014 07:28:39 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd
Error: (03/27/2014 00:46:08 AM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NwlnkNb.
The backup browser is stopping.
Error: (03/26/2014 10:19:34 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd
Microsoft Office Sessions:
=========================
Error: (03/26/2014 03:31:29 PM) (Source: PerfNet)(User: )
Description:
Error: (03/24/2014 00:46:27 AM) (Source: Application Error)(User: )
Description: explorer.exe6.0.2900.5512unknown0.0.0.0715b9e59
Error: (03/24/2014 00:25:52 AM) (Source: crypt32)(User: )
Description:
http://www.download....rootseq.txtThis network connection does not exist.
Error: (03/24/2014 00:25:52 AM) (Source: crypt32)(User: )
Description:
http://www.download....rootseq.txtThis network connection does not exist.
Error: (03/24/2014 00:25:52 AM) (Source: crypt32)(User: )
Description:
http://www.download....uthrootseq.txtA connection with the server could not be established
Error: (03/24/2014 00:25:48 AM) (Source: crypt32)(User: )
Description:
http://www.download....uthrootseq.txtA connection with the server could not be established
Error: (03/23/2014 11:50:45 PM) (Source: crypt32)(User: )
Description:
http://www.download....rootseq.txtThis network connection does not exist.
Error: (03/23/2014 11:50:45 PM) (Source: crypt32)(User: )
Description:
http://www.download....rootseq.txtThis network connection does not exist.
Error: (03/23/2014 11:50:45 PM) (Source: crypt32)(User: )
Description:
http://www.download....uthrootseq.txtA connection with the server could not be established
Error: (03/23/2014 11:50:40 PM) (Source: crypt32)(User: )
Description:
http://www.download....uthrootseq.txtA connection with the server could not be established
==================== Memory info ===========================
Percentage of memory in use: 41%
Total physical RAM: 2038.07 MB
Available physical RAM: 1195.38 MB
Total Pagefile: 3923.08 MB
Available Pagefile: 3298.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1941.26 MB
==================== Drives ================================
Drive c: (500GB_Local Disk) (Fixed) (Total:231.53 GB) (Free:83.33 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive f: () (Fixed) (Total:0.05 GB) (Free:0.04 GB) FAT
Drive g: () (Fixed) (Total:3 GB) (Free:0.61 GB) FAT32
Drive h: () (Fixed) (Total:231.18 GB) (Free:97.88 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: DDC4DDC4)
Partition: GPT Partition Type.
==================== End Of Log ============================