initial problem was for some reason the software stopped working, mainly use excel and it wouldnt open excel files, they appeared in explorer to be pdf files, and even if association changed they would not open
after contacting <MS support was told to re-install from online download whcih tried but failed, and error 1935 message about assembly component and system just rolled back changes
at same time whilst looking into this proble, noticed their windows updates hadnt been run
tried to do this in vain hope it was was somehow connected to failing install
then got the windows update 80080005 error, and shows no history of any updates ever having happened
since this problem i have tried MS fix it, advanced spyware, from MS forums to others to do everything suggested on many different MS KB topics and still no joy
so gave up with MS and thought id give the good guys here a go, as have helped me immensely in past with my own PC issues
a forum superhelper has been looking into my problem, and we have tried several solutions, the latest advice i have been given is to post an OTL log here as he is not permitted to look into the problem in the thread i have started in the network area
http://www.geekstogo..._1#entry2257264
is the original thread
here is my OTL log as suggested
OTL logfile created on: 04/02/2013 18:56:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.97 Gb Total Physical Memory | 2.77 Gb Available Physical Memory | 69.92% Memory free
7.93 Gb Paging File | 6.04 Gb Available in Paging File | 76.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 889.87 Gb Free Space | 95.54% Space Free | Partition Type: NTFS
Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/02/04 18:54:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe
PRC - [2013/01/09 10:48:41 | 000,699,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
PRC - [2012/12/19 22:41:25 | 000,733,808 | ---- | M] (Webroot) -- C:\Program Files\Webroot\WRSA.exe
PRC - [2012/12/18 19:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/17 13:16:21 | 000,308,368 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012/07/29 19:52:22 | 000,976,728 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2012/07/29 19:52:20 | 001,673,048 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
PRC - [2012/06/06 20:33:42 | 001,564,872 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2009/02/25 11:27:42 | 000,397,312 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files (x86)\OLYMPUS\DeviceDetector\DeviceDetector4.exe
PRC - [2009/02/25 11:22:58 | 000,167,936 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files (x86)\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe
PRC - [2006/06/09 18:38:00 | 000,294,912 | ---- | M] (FUJI PHOTO FILM CO., LTD.) -- C:\Program Files\FinePixViewer\QuickDCF2.exe
========== Modules (No Company Name) ==========
MOD - [2012/09/28 11:13:44 | 001,624,576 | ---- | M] () -- C:\Users\Owner\AppData\LocalLow\FCTB000061465\Toolbar\Toolbar.dll
MOD - [2012/05/28 20:40:25 | 000,520,464 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportMS.dll
MOD - [2012/02/01 13:43:10 | 000,557,056 | ---- | M] () -- C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
MOD - [2011/06/22 09:41:04 | 001,544,192 | ---- | M] () -- C:\Program Files (x86)\Nectar Search Toolbar\Toolbar.dll
MOD - [2007/08/14 11:59:54 | 006,365,184 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2007/07/12 11:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007/07/12 11:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2006/02/22 11:44:00 | 000,061,440 | ---- | M] () -- C:\Program Files\FinePixViewer\wia_register_event.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012/12/19 22:41:25 | 000,733,808 | ---- | M] (Webroot) [Auto | Running] -- C:\Program Files\Webroot\WRSA.exe -- (WRSVC)
SRV:64bit: - [2012/07/11 18:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 01:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/01/09 10:48:42 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 19:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/29 19:52:22 | 000,976,728 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/25 11:22:58 | 000,167,936 | ---- | M] (OLYMPUS IMAGING CORP.) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe -- (Olympus DVR Service)
SRV - [2005/06/02 14:54:34 | 000,086,606 | ---- | M] (Canon Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Canon\CAL\CALMAIN.exe -- (CCALib8)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/12/19 22:41:26 | 000,111,776 | ---- | M] (Webroot) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WRkrn.sys -- (WRkrn)
DRV:64bit: - [2012/07/29 19:52:38 | 000,101,688 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011/07/22 16:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 21:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/03/11 06:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 06:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 03:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 03:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 03:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/04/21 03:18:44 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/10/05 16:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/09/04 05:39:10 | 000,062,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/07/16 03:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 01:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/10/30 08:36:26 | 000,505,720 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus64_43926.sys -- (RapportCerberus_43926)
DRV - [2012/07/29 19:52:40 | 000,055,096 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2012/07/29 19:52:38 | 000,297,240 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://talktalk.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B6 9C 0C 45 28 10 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {ada2ac0d-15c6-4611-ba5d-5b0a8b52fd6d} - C:\Program Files (x86)\Nectar Search Toolbar\Helper.dll ()
IE - HKCU\..\URLSearchHook: {e5593220-bcaf-4b30-89fe-af988d0eacaa} - No CLSID value found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\..\URLSearchHook: {fa63398e-322b-4833-9af3-15837ad12138} - C:\Program Files (x86)\searchresults\searchresultsDx.dll (Ask.com)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{08E4E36B-9439-4675-A473-C6B209DD10E6}: "URL" = http://uk.search.yah...&p={searchTerms}
IE - HKCU\..\SearchScopes\{509D84A2-1C2A-4EBC-859D-29A8575CF256}: "URL" = http://websearch.ask...C5-601FC6C0CAEA
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...GGHP_en-GBGB431
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2012-12-15 12:53:04&v=13.2.0.4&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" = http://eu.ask.com/we...&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ei.MyScrapNook_12.com/Plugin: C:\Program Files (x86)\MyScrapNook_12EI\Installr\1.bin\NP12EISB.dll (My Scrap Nook)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/12 18:56:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/12 18:56:08 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2013/02/02 15:07:44 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Webroot Vault) - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll ()
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Nectar Search Toolbar BHO) - {B7C2F0D8-2209-4693-A15D-5A537211D48B} - C:\Program Files (x86)\Nectar Search Toolbar\Toolbar.dll ()
O2 - BHO: (Bcool Class) - {BF847FAF-37BF-34B5-0EC6-C7405F81D07B} - C:\ProgramData\Bcool\bhoclass.dll ()
O2 - BHO: (Webroot Vault) - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Search Results Toolbar) - {fa63398e-322b-4833-9af3-15837ad12138} - C:\Program Files (x86)\searchresults\searchresultsDx.dll (Ask.com)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Webroot Toolbar) - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll ()
O3 - HKLM\..\Toolbar: (Nectar Search Toolbar) - {8020143D-5926-4394-A04D-DD0B649DA121} - C:\Program Files (x86)\Nectar Search Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Webroot Toolbar) - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Search Results Toolbar) - {fa63398e-322b-4833-9af3-15837ad12138} - C:\Program Files (x86)\searchresults\searchresultsDx.dll (Ask.com)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Nectar Search Toolbar) - {8020143D-5926-4394-A04D-DD0B649DA121} - C:\Program Files (x86)\Nectar Search Toolbar\Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [REGSHAVE] C:\Program Files (x86)\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
O4 - HKLM..\Run: [WRSVC] C:\Program Files\Webroot\WRSA.exe (Webroot)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O9:64bit: - Extra Button: Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\PKG\LPBar64.dll ()
O9:64bit: - Extra 'Tools' menuitem : Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\PKG\LPBar64.dll ()
O9 - Extra Button: Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\PKG\LPBar.dll ()
O9 - Extra 'Tools' menuitem : Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\PKG\LPBar.dll ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: microsoft.com ([*.windowsupdate] https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B1C47F2-13DD-4F6A-8199-330AC8935ADC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DE1E871A-6655-4FCC-9502-FC45A1472441}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29:64bit: - HKLM SecurityProviders - (digest.dll) - File not found
O29:64bit: - HKLM SecurityProviders - (msnsspc.dll) - File not found
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{08bde8ac-3582-11e2-8e41-e069951c3a71}\Shell - "" = AutoRun
O33 - MountPoints2\{08bde8ac-3582-11e2-8e41-e069951c3a71}\Shell\AutoRun\command - "" = I:\SafeStick.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/02/04 09:05:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FD0BC90F-8486-49F3-B5B1-11F0C83A4E9B}
[2013/02/03 13:18:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D799B5B8-CEB7-489F-85A6-F2B4C145F6A1}
[2013/02/02 23:43:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{61E08BFF-615B-4A50-A2D3-97FA0FC7E529}
[2013/02/02 15:11:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2013/02/02 15:11:09 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/02/02 15:08:55 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/02/02 14:44:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013/02/02 14:19:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\catroot2.bak
[2013/02/02 14:07:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\PC Repair programs (Andy)
[2013/02/02 13:29:46 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/02/02 13:22:33 | 000,000,000 | ---D | C] -- C:\RegBackup
[2013/02/02 13:17:03 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs
[2013/02/02 13:16:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2013/02/02 13:16:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2013/02/02 11:42:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2F2EB67B-369B-4DC2-A1F1-92CA190A89CA}
[2013/02/01 22:25:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{0BF9AF08-AAE5-4103-A341-D73460E67D70}
[2013/02/01 10:25:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{8BF61C14-7864-413C-A572-58E3A341D9FB}
[2013/01/31 22:24:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CF3AD9B9-CBE2-4286-8091-1DB6523704CC}
[2013/01/31 14:56:07 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\My Scans
[2013/01/31 10:24:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{71BE2265-5D9C-4488-89F8-1F5101329E23}
[2013/01/30 22:24:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{31FB9DEA-6BE7-4F76-AB12-3624AC633FBF}
[2013/01/30 10:23:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7AEBD21B-BD3B-4973-8D03-E4D8A37D972E}
[2013/01/29 22:23:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{073703C9-8217-433E-9FB1-A82226ED8189}
[2013/01/29 10:22:55 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C7CEA331-640D-49D8-8E94-A932B6085FFC}
[2013/01/28 22:22:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C284E0E3-CCBA-4EB6-84DD-A376BC54AD0C}
[2013/01/28 10:22:07 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2A1C4759-8078-4BE1-BFDA-59078C37AD55}
[2013/01/27 10:21:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9692B6EA-AF3F-4E5E-8F2B-F49248D09D03}
[2013/01/26 22:21:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9142C3F0-285D-4236-B350-C73FBA10DFC6}
[2013/01/26 10:22:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{1284D964-9AEF-4A02-BA7A-72ABA0113A9F}
[2013/01/26 10:18:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{41422658-7F0E-49E6-8C24-1954893DE05E}
[2013/01/25 22:33:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{61EDC0BA-1D53-40AC-92CF-CBE677A80CDB}
[2013/01/25 10:32:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F878B478-1717-4A55-97E8-77AB0944208D}
[2013/01/25 10:29:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{BA0C85B0-AC5E-4CC7-9FFC-31509B376C98}
[2013/01/24 10:28:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{693DAEAD-C47D-4B0C-9D2B-3D9CDEF503C8}
[2013/01/23 22:28:07 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3C825D24-89BF-4F07-92AA-14AC7DD7EB20}
[2013/01/23 10:27:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{020FF02A-93CE-48A1-B78C-6D991801865B}
[2013/01/22 22:27:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{87F53A34-7BE1-491B-A59A-EEA4A561A436}
[2013/01/22 10:27:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7DB30DF6-B6B0-4C87-8EC3-F105CC487AE7}
[2013/01/21 22:26:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A030D6D2-AD5A-4722-BB39-61CF2D1AACEC}
[2013/01/21 10:26:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{66A8F72D-627A-4A7C-91C9-3F422ABFD5AE}
[2013/01/20 22:26:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{86BFCCB3-78D6-47C2-BE14-CE70A48021FA}
[2013/01/20 10:26:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C6BA7321-E5D8-4E7C-B8F9-028BBAB2CE56}
[2013/01/19 10:25:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{789CD718-FC1D-49A5-8023-F712EFD75DC9}
[2013/01/18 21:39:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F478A046-7A1E-48FE-95C4-15325B0D2064}
[2013/01/18 09:39:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{144B3D1B-9053-4FB5-9B3A-5C3A74D79E93}
[2013/01/17 21:38:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{292FDDDD-F557-4E99-B7AD-3CC982D7AC40}
[2013/01/17 09:38:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4981FAAE-F5C8-4800-8711-E80D2914BA9A}
[2013/01/16 21:38:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F8215B13-FEA5-4B11-87E5-E71C7301FCC9}
[2013/01/16 09:37:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{133898D0-FD91-4AEB-A2DE-68C7BF0C7D6E}
[2013/01/15 21:37:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{76581335-5B96-4077-9AAB-A9C12133637D}
[2013/01/15 09:37:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{8F5B4B83-812E-4C27-9198-C75CA872A7C9}
[2013/01/14 09:36:43 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FC06476A-1A6B-419F-957A-F416CD0A52EC}
[2013/01/13 16:51:41 | 000,000,000 | ---D | C] -- C:\$WINDOWS.~LS
[2013/01/13 16:50:54 | 000,000,000 | ---D | C] -- C:\$UPGRADE.~OS
[2013/01/13 16:50:06 | 000,000,000 | ---D | C] -- C:\$WINDOWS.~BT
[2013/01/13 16:27:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013/01/13 16:02:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\SUPERAntiSpyware.com
[2013/01/13 16:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/01/13 16:02:18 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/01/13 16:02:18 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/01/13 11:25:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{81C69645-99F3-4E59-BA17-53084C98C732}
[2013/01/12 23:25:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A323B206-2F9A-4822-A6F6-BF27941805DF}
[2013/01/12 11:24:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{88CCDE96-2AD8-448E-9A9E-C599B3B65A68}
[2013/01/11 10:24:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{61082CF1-031F-4503-855D-7116C9AF07A9}
[2013/01/10 22:24:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F71BC8AB-5EAB-486F-A2D5-9277753906C4}
[2013/01/10 10:23:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9D0BF489-ACF0-43F2-ADA0-AB4C6C64A792}
[2013/01/09 22:23:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C982D0D8-62C7-415D-AB07-8CDC935DA7F8}
[2013/01/09 10:23:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3FDB6583-4F5A-4EB7-8AAB-D5EAABD76ADF}
[2013/01/09 10:19:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{5ADD6A6D-C799-4945-B9BC-3DD21E2FC2C0}
[2013/01/08 22:18:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CFEC57C9-4F8F-4053-B738-658DF97CBF13}
[2013/01/08 10:18:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{86228A7E-C86E-47F3-BED0-BD157F27DC52}
[2013/01/07 22:18:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{97CA48D9-6CCF-4E24-8D60-8B5B9DE08B70}
[2013/01/07 10:17:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{1271A6C9-CC70-4261-A344-7CC6C4188D1B}
[2013/01/06 08:09:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{DD3299B3-0ACC-4C62-8F6B-D1461F801798}
[2012/06/26 07:44:14 | 009,842,040 | ---- | C] (Webroot Software, Inc.) -- C:\Program Files (x86)\Common Files\wruninstall.exe
[5 C:\Users\Owner\Documents\*.tmp files -> C:\Users\Owner\Documents\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/02/04 18:48:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/02/04 18:15:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/04 15:16:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/04 13:15:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/04 08:28:08 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/04 08:28:08 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/04 08:27:17 | 000,779,438 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/02/04 08:27:17 | 000,664,606 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/02/04 08:27:17 | 000,125,342 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/02/04 08:22:56 | 3193,790,464 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/02 16:02:31 | 000,000,436 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2013/02/02 15:35:16 | 000,000,134 | ---- | M] () -- C:\Users\Owner\Desktop\Microsoft Fix it.url
[2013/02/02 15:11:13 | 000,402,520 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/02/02 15:09:20 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/02/02 15:07:44 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/02/02 14:46:54 | 000,761,720 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/02/02 13:58:30 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_432
[2013/02/02 13:23:26 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-OWNER-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2013/02/02 13:16:59 | 000,002,287 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/01/31 23:00:00 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\Regwork.job
[2013/01/13 16:55:54 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2013/01/13 16:55:54 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2013/01/13 16:51:41 | 000,000,002 | ---- | M] () -- C:\$UpgDrv$
[2013/01/13 16:02:20 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[5 C:\Users\Owner\Documents\*.tmp files -> C:\Users\Owner\Documents\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/02/02 15:25:59 | 000,000,134 | ---- | C] () -- C:\Users\Owner\Desktop\Microsoft Fix it.url
[2013/02/02 13:23:26 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-OWNER-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2013/02/02 13:16:59 | 000,002,287 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/01/13 16:51:41 | 000,000,002 | ---- | C] () -- C:\$UpgDrv$
[2013/01/13 16:37:40 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2013/01/13 16:37:40 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2013/01/13 16:02:20 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/06/09 10:16:55 | 000,034,764 | ---- | C] () -- C:\Users\Owner\AppData\Local\dt.dat
[2012/01/06 23:45:01 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\{CF5FC710-C747-4A0B-BE54-AB4A289EC8BD}
[2011/11/15 21:33:06 | 000,000,000 | ---- | C] () -- C:\Windows\Dssole.INI
[2011/11/15 21:32:32 | 000,000,242 | ---- | C] () -- C:\Windows\Support.ini
[2011/06/16 08:22:28 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/05/28 07:43:41 | 000,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI
[2011/05/12 18:53:12 | 000,170,134 | ---- | C] () -- C:\Windows\hpoins14.dat
[2011/05/12 18:53:11 | 000,001,498 | ---- | C] () -- C:\Windows\hpomdl14.dat
[2011/05/05 08:44:54 | 000,761,720 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/03 11:16:52 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2011/05/03 11:16:52 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2011/05/03 11:16:52 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2011/05/03 11:16:52 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2011/05/03 11:16:52 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2011/05/03 11:14:02 | 000,027,963 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2011/05/03 11:12:58 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011/05/03 11:12:54 | 000,020,969 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
========== ZeroAccess Check ==========
[2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/11/21 03:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\SysWow64\shell32.dll -- [2010/11/21 03:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\Windows\sysWOW64\wbem\fastprox.dll -- [2010/11/21 03:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012/01/02 11:32:42 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Ask.com
[2012/06/09 08:42:56 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AVG2012
[2011/08/08 09:16:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\eBookPro6
[2011/08/04 07:53:19 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FUJIFILM
[2012/12/17 19:14:18 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SoftGrid Client
[2011/05/05 08:45:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TP
[2011/05/14 10:09:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Trusteer
[2011/05/10 21:22:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 793 bytes -> C:\Users\Owner\Documents\Southwell Minster Programme 7 Dec 2011.eml:OECustomProperty
< End of report >