I have finally followed the last instructions posted by Nutloaf dated 08.12.13:
1. Automatic Updates are enabled
2. I think I now have updated Adobe
3. I have installed JavaRa.exe but did not find an option to Remove Java Runtime so could not follow the rest of the instruction.
4. I have run the OTL Custom Scan and here is the log file:
OTL logfile created on: 12/01/2014 15:26:07 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Julie\Desktop\Geeks
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 0.67 Gb Available Physical Memory | 33.86% Memory free
4.21 Gb Paging File | 2.11 Gb Available in Paging File | 50.01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.28 Gb Total Space | 140.37 Gb Free Space | 63.72% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.85 Gb Free Space | 48.45% Space Free | Partition Type: NTFS
Computer Name: JULIE-PC | User Name: Julie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/12/27 21:58:10 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/12/27 21:58:06 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/27 21:57:00 | 000,113,704 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2013/12/10 21:24:02 | 000,839,560 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe
PRC - [2013/11/11 21:35:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Julie\Desktop\Geeks\OTL.exe
PRC - [2013/10/25 02:34:06 | 002,480,408 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2013/10/25 02:34:06 | 001,444,120 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2013/05/10 07:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/10 10:12:51 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2010/07/30 05:51:50 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) -- C:\Windows\System32\dgdersvc.exe
PRC - [2010/06/24 13:00:14 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/09/20 15:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/09/13 15:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/09/13 15:44:48 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
PRC - [2007/07/24 18:02:44 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/07/24 18:02:42 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
========== Modules (No Company Name) ==========
MOD - [2013/12/13 09:55:16 | 001,127,152 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
MOD - [2013/11/23 23:49:24 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/08/18 14:10:47 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\59eba2680c01c33b2b3f5385979e32c6\System.Web.ni.dll
MOD - [2013/08/18 14:10:38 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b167ef6967ad27503c6ac6aabcef1aff\System.Runtime.Remoting.ni.dll
MOD - [2013/08/18 14:06:40 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll
MOD - [2013/07/14 15:21:34 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
MOD - [2012/06/27 15:09:06 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2007/12/08 14:34:10 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2013/12/27 21:58:06 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/12/27 21:57:00 | 000,113,704 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2013/12/10 21:24:20 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/25 02:34:06 | 001,444,120 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2013/05/10 07:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/10 10:12:51 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2012/07/25 08:46:44 | 001,326,176 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2012/07/25 08:46:42 | 000,681,056 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010/07/30 05:51:50 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\System32\dgdersvc.exe -- (dgdersvc)
SRV - [2010/06/24 13:00:14 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/01/21 02:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/20 15:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/09/13 15:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/07/24 18:02:44 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\BCM42RLY.sys -- (BCM42RLY)
DRV - [2013/12/27 21:58:37 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/12/27 21:58:37 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/12/27 21:58:37 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/12/27 21:58:37 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/12/27 21:58:36 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/12/27 21:58:35 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013/12/27 21:57:33 | 000,026,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2013/12/27 21:57:01 | 000,252,336 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2013/12/27 21:57:01 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2013/12/13 09:55:15 | 000,340,432 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys -- (RapportCerberus_59849)
DRV - [2013/11/23 23:49:28 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/10/25 02:34:18 | 000,230,448 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2013/10/25 02:34:18 | 000,157,264 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2013/10/25 02:34:18 | 000,108,816 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2012/09/10 10:12:47 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2012/09/10 10:12:46 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/09/01 08:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/07/30 05:51:50 | 000,018,120 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2010/06/24 13:00:14 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2007/09/13 15:46:06 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/06/06 23:21:32 | 000,111,616 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 A4 C7 4E A6 0F CF 01 [binary data]
IE - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
[2013/10/09 22:31:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
========== Chrome ==========
CHR - default_search_provider: SearchGol (Enabled)
CHR - default_search_provider: search_url = http://www.searchgol...125035&tsp=5030
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: avast! Online Security = C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_0\
CHR - Extension: Google Wallet = C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {705EC6D4-B138-4079-A307-EF13E4889A82} https://vpn.nhsstock...ies/instweb.cab (CSD ActiveX Installer)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius....tiveXPlugin.cab (ScorchPlugin Class)
O16 - DPF: {B8E73359-3422-4384-8D27-4EA1B4C01232} https://vpn.nhsstock...COL /cscopf.cab (CISCO Portforwarder Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC9E4B55-386C-45D6-B435-F6D7CC00619B}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014/01/12 15:05:51 | 000,000,000 | ---D | C] -- C:\Users\Julie\Documents\JavaRa
[2013/12/27 22:37:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/12/27 22:35:16 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/12/27 22:35:08 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/12/27 22:35:08 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/12/27 21:59:13 | 000,026,136 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2013/12/27 21:59:12 | 000,252,336 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2013/12/27 21:57:01 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2013/12/15 16:29:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/01/12 15:25:19 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/12 15:04:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/12 14:59:15 | 000,003,840 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/12 14:59:15 | 000,003,840 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/12 14:54:03 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/12 14:40:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/09 15:04:09 | 006,951,830 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/09 15:04:09 | 003,399,116 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/12/27 22:37:25 | 000,001,666 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/12/27 22:02:34 | 000,001,941 | ---- | M] () -- C:\Users\Public\Desktop\avast! SafeZone.lnk
[2013/12/27 22:02:34 | 000,001,881 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2013/12/27 21:58:37 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/12/27 21:58:37 | 000,410,528 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/12/27 21:58:37 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/12/27 21:58:37 | 000,057,672 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013/12/27 21:58:36 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/12/27 21:58:35 | 000,054,832 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2013/12/27 21:58:32 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/12/27 21:58:32 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/12/27 21:57:33 | 000,026,136 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2013/12/27 21:57:01 | 000,252,336 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2013/12/27 21:57:01 | 000,012,112 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2013/12/14 17:51:27 | 000,398,808 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/12/27 22:37:25 | 000,001,666 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/12/27 22:02:34 | 000,001,941 | ---- | C] () -- C:\Users\Public\Desktop\avast! SafeZone.lnk
[2013/12/27 22:02:34 | 000,001,881 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2013/11/23 23:49:42 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/11/23 23:49:42 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/10/12 14:24:54 | 000,017,136 | ---- | C] () -- C:\Windows\System32\sasnative32.exe
[2013/10/09 22:30:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\custmon32i.dll
[2011/11/12 22:01:51 | 000,000,000 | ---- | C] () -- C:\Users\Julie\AppData\Local\{32E91E92-7276-4F47-922E-B981E8B6271D}
[2011/10/26 12:27:21 | 000,000,000 | ---- | C] () -- C:\Users\Julie\AppData\Local\{518E4141-3390-48BB-BF84-3F0C6B4ABBA1}
[2011/09/19 21:46:59 | 000,000,000 | ---- | C] () -- C:\Users\Julie\AppData\Local\{BBB2E6C0-188E-405D-9D4D-A8DEABADA71A}
[2011/05/16 11:01:36 | 000,198,421 | ---- | C] () -- C:\Users\Julie\AQA-3701-2H-W-QP-NOV09.pdf
[2010/10/04 07:58:01 | 000,005,989 | ---- | C] () -- C:\Users\Julie\Session 4 Identifying Verbs.notebook
[2010/10/04 07:57:41 | 000,012,405 | ---- | C] () -- C:\Users\Julie\Session 3 Baking Bread Instructions.notebook
[2010/07/01 19:09:25 | 000,000,798 | ---- | C] () -- C:\Users\Julie\AppData\Local\Images.fl
[2010/03/25 20:45:05 | 000,000,370 | ---- | C] () -- C:\Users\Julie\Pictures - Shortcut.lnk
[2010/02/15 13:01:35 | 000,005,632 | ---- | C] () -- C:\Users\Julie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/19 20:00:19 | 000,000,680 | ---- | C] () -- C:\Users\Julie\AppData\Local\d3d9caps.dat
========== ZeroAccess Check ==========
[2006/11/02 12:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 17:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 06:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 06:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/11/23 23:51:36 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\AVAST Software
[2013/11/23 17:50:29 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\AVG2014
[2011/02/06 16:26:48 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\Cisco
[2010/06/25 22:06:44 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\GetRightToGo
[2010/04/12 07:16:19 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\licenses
[2013/12/07 16:32:34 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\QuickScan
[2011/02/03 21:16:35 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\Samsung
[2010/01/19 22:44:28 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\TMP
[2013/11/23 17:45:18 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\TuneUp Software
[2013/06/17 19:39:10 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\VSO
< End of report >
Things to be running well at present.
Thanks for your help.