Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Hi I keep getting an error message in my firefox browser "navigati

Started by Feather24 , Oct 10 2014 03:22 PM

navigation cancelled virus firefox

Page 3 of 6
1
2
3
4
5

This topic is locked

#31
Feather24

Posted 20 October 2014 - 11:48 AM

Member

Topic Starter
Member
251 posts

Hi Joe I think I have more problems - really need your help today can you respond. thanks

#32
Feather24

Posted 20 October 2014 - 01:21 PM

Member

Topic Starter
Member
251 posts

My email now looks different in outlook. Had a bogus email which link went to a blank page. Things feel a mess at this end. Im not certain if this site is genuine as my browsers look strange too.
i think have now been hacked. Please help. The email may have caused more problems possibly virus?

Edited by Feather24, 20 October 2014 - 02:42 PM.

#33
zep516

Posted 20 October 2014 - 06:31 PM

Trusted Helper

Malware Removal
8,095 posts

Hello,

Had a bogus email which link went to a blank page

If that's the case post a new OTL Log.

#34
Feather24

Posted 21 October 2014 - 03:17 AM

Member

Topic Starter
Member
251 posts

Which scan do you need quick scan? Im just running quick scan and i ticked all users is that right? It auto filled the 3 boxes under file age eg skip ms files. Thanks

#35
Feather24

Posted 21 October 2014 - 03:30 AM

Member

Topic Starter
Member
251 posts

here is the log from the quick scan:

OTL logfile created on: 21/10/2014 10:13:00 - Run 5

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Frances\Desktop

Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17358)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 0.30 Gb Available Physical Memory | 15.10% Memory free

3.98 Gb Paging File | 2.44 Gb Available in Paging File | 61.23% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 232.79 Gb Total Space | 125.52 Gb Free Space | 53.92% Space Free | Partition Type: NTFS

Drive E: | 19.53 Gb Total Space | 9.73 Gb Free Space | 49.83% Space Free | Partition Type: NTFS

Drive F: | 54.99 Gb Total Space | 12.78 Gb Free Space | 23.24% Space Free | Partition Type: NTFS

Drive G: | 465.65 Gb Total Space | 276.91 Gb Free Space | 59.47% Space Free | Partition Type: FAT32

Computer Name: FRANCES-PC | User Name: Frances | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/09/13 01:52:04 | 036,414,624 | ---- | M] (Dropbox, Inc.) -- C:\Users\Frances\AppData\Roaming\Dropbox\bin\Dropbox.exe

PRC - [2014/09/12 10:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2014/09/03 10:47:25 | 006,018,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgmfapx.exe

PRC - [2014/08/26 16:47:14 | 001,110,880 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Program Files\Evernote\Evernote\EvernoteClipper.exe

PRC - [2014/08/25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe

PRC - [2014/08/25 11:41:34 | 001,417,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgfws.exe

PRC - [2014/08/25 11:40:08 | 000,846,864 | ---- | M] (AVG Technologies CZ, s.r.o.) -- c:\Program Files\AVG\AVG2014\avgrsx.exe

PRC - [2014/08/25 11:39:18 | 000,643,088 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe

PRC - [2014/08/25 11:39:12 | 000,838,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe

PRC - [2014/08/25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe

PRC - [2014/08/25 11:37:18 | 005,188,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe

PRC - [2014/08/25 11:31:58 | 000,657,936 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe

PRC - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

PRC - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

PRC - [2014/05/01 20:40:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Frances\Desktop\OTL (1).exe

PRC - [2013/10/23 23:39:14 | 001,017,224 | ---- | M] (Flux Software LLC) -- C:\Users\Frances\AppData\Local\FluxSoftware\Flux\flux.exe

PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2011/11/18 00:02:32 | 001,975,296 | ---- | M] (Alexander Nikiforov) -- C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe

PRC - [2011/09/07 15:06:32 | 001,841,664 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Plusnet Assist\btbb\PlusnetHelpNotifier.exe

PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2010/03/25 20:45:36 | 000,031,144 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

PRC - [2009/07/11 21:10:28 | 001,176,064 | ---- | M] () -- C:\Program Files\VisionBoard\visionboardlauncher.exe

PRC - [2007/01/01 22:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\Frances\AppData\Roaming\Google\Google Talk\googletalk.exe

PRC - [2006/09/15 14:21:54 | 000,675,840 | ---- | M] (Sonix) -- C:\Windows\vsnp2std.exe

========== Modules (No Company Name) ==========

MOD - [2014/10/21 10:09:12 | 000,043,008 | ---- | M] () -- c:\Users\Frances\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6gerah.dll

MOD - [2014/10/16 11:46:36 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll

MOD - [2014/10/16 11:46:25 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll

MOD - [2014/10/16 11:46:17 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll

MOD - [2014/10/16 11:46:12 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll

MOD - [2014/10/16 11:40:46 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll

MOD - [2014/09/13 01:20:58 | 003,610,624 | ---- | M] () -- C:\Users\Frances\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll

MOD - [2014/09/11 00:56:22 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll

MOD - [2014/08/26 16:47:16 | 000,436,576 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libxml2.dll

MOD - [2014/08/26 16:47:16 | 000,318,304 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libtidy.dll

MOD - [2013/09/05 01:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

MOD - [2013/08/23 20:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Frances\AppData\Roaming\Dropbox\bin\libcef.dll

MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

MOD - [2009/07/11 21:10:28 | 001,176,064 | ---- | M] () -- C:\Program Files\VisionBoard\visionboardlauncher.exe

========== Services (SafeList) ==========

SRV - [2014/09/25 11:09:43 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2014/09/24 13:50:04 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2014/09/19 01:50:15 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)

SRV - [2014/09/12 10:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2014/08/25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)

SRV - [2014/08/25 11:41:34 | 001,417,160 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgfws.exe -- (avgfws)

SRV - [2014/08/25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)

SRV - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)

SRV - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)

SRV - [2014/04/03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013/12/19 01:41:02 | 030,814,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)

SRV - [2013/05/27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2010/10/09 10:17:10 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2010/03/25 20:45:36 | 000,031,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)

SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Frances\AppData\Local\Temp\catchme.sys -- (catchme)

DRV - [2014/08/06 10:49:48 | 000,098,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)

DRV - [2014/07/21 21:03:22 | 000,200,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)

DRV - [2014/06/30 12:43:12 | 000,121,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgdiskx.sys -- (Avgdiskx)

DRV - [2014/06/24 10:09:03 | 000,013,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon)

DRV - [2014/06/17 16:22:02 | 000,188,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)

DRV - [2014/06/17 16:21:22 | 000,197,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)

DRV - [2014/06/17 16:18:00 | 000,241,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)

DRV - [2014/06/17 16:17:58 | 000,147,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)

DRV - [2014/06/17 16:06:22 | 000,027,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)

DRV - [2014/06/17 16:06:20 | 000,021,272 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)

DRV - [2013/10/02 01:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2013/09/26 11:00:38 | 000,047,928 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)

DRV - [2012/08/23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV - [2012/06/25 14:39:16 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)

DRV - [2012/06/25 14:39:16 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)

DRV - [2011/09/22 18:10:34 | 000,238,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0105.sys -- (RsFx0105)

DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2009/07/13 23:02:47 | 000,050,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)

DRV - [2008/07/28 19:45:00 | 000,904,192 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)

DRV - [2007/01/26 17:48:28 | 012,028,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2sxp.sys -- (SNP2STD)

DRV - [2005/02/23 15:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Frances\Desktop

IE - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/

IE - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb

IE - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 79 4B FD 45 2B 67 CB 01 [binary data]

IE - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC

IE - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.3

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Motive, Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Frances\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)

FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Users\Frances\Desktop\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/09/19 14:33:55 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/04/18 17:22:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frances\AppData\Roaming\Mozilla\Extensions

[2014/10/18 11:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frances\AppData\Roaming\Mozilla\Firefox\Profiles\53nb3mux.default-1413581714489\extensions

[2014/09/19 14:33:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2014/09/19 14:33:58 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2014/09/19 14:33:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

[2014/09/19 14:33:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

[2014/09/19 14:33:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

[2014/09/19 14:33:53 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2014/09/25 11:09:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: (Enabled)

CHR - default_search_provider: search_url =

CHR - default_search_provider: suggest_url =

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.104\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.104\pdf.dll

CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

CHR - plugin: Motive Plugin (Enabled) = C:\Program Files\Common Files\Motive\npMotive.dll

CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Citrix Online Web Deployment Plugin 1.0.0.104 (Enabled) = C:\Users\Frances\AppData\Local\Citrix\Plugins\104\npappdetector.dll

CHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Users\Frances\Desktop\npAmazonMP3DownloaderPlugin101753.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll

CHR - plugin: Java Deployment Toolkit 7.0.250.16 (Enabled) = C:\Windows\system32\npDeployJava1.dll

CHR - Extension: No name found = C:\Users\Frances\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\

CHR - Extension: No name found = C:\Users\Frances\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\

CHR - Extension: No name found = C:\Users\Frances\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\

CHR - Extension: No name found = C:\Users\Frances\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

CHR - Extension: No name found = C:\Users\Frances\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

CHR - Extension: No name found = C:\Users\Frances\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\

CHR - Extension: No name found = C:\Users\Frances\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

CHR - Extension: No name found = C:\Users\Frances\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\

O1 HOSTS File: ([2014/10/13 10:54:34 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

O3 - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)

O4 - HKLM..\Run: [btbb_McciTrayApp] C:\Program Files\Plusnet Assist\btbb\PlusnetHelpNotifier.exe (Alcatel-Lucent)

O4 - HKLM..\Run: [snp2std] C:\Windows\vsnp2std.exe (Sonix)

O4 - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000..\Run: [f.lux] C:\Users\Frances\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)

O4 - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000..\Run: [googletalk] C:\Users\Frances\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)

O4 - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000..\Run: [MP3 Skype Recorder] C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe (Alexander Nikiforov)

O4 - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000..\Run: [visionboard] C:\Program Files\VisionBoard\visionboardlauncher.exe ()

O4 - Startup: C:\Users\Frances\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Frances\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O4 - Startup: C:\Users\Frances\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O7 - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: New Note - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html ()

O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

O9 - Extra Button: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html ()

O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1AEFD181-F14E-4463-B2D2-39C1367B81A8}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1EB4CFC4-7649-413F-870B-BB36D0D3979F}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A79483D2-6796-4059-832A-41A709A2AAE1}: NameServer = 8.8.8.8,8.8.4.4

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2007/02/01 17:17:23 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (sdnclean.exe)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O35 - HKU\S-1-5-21-1527785505-3915310178-3884954049-1000..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/10/18 11:29:56 | 001,705,698 | ---- | C] (Thisisu) -- C:\Users\Frances\Desktop\JRT_NEW.exe

[2014/10/17 22:35:21 | 000,000,000 | ---D | C] -- C:\Users\Frances\Desktop\Old Firefox Data

[2014/10/13 10:48:51 | 000,000,000 | ---D | C] -- C:\_OTL

[2014/10/13 10:46:37 | 001,705,755 | ---- | C] (Thisisu) -- C:\Users\Frances\Desktop\JRT.exe

[2014/10/11 20:27:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Frances\Desktop\OTL.exe

[2014/10/06 16:31:31 | 000,000,000 | ---D | C] -- C:\Users\Frances\Documents\New folder (2)

[2014/10/06 16:14:45 | 000,000,000 | ---D | C] -- C:\Program Files\Photoshop 8

========== Files - Modified Within 30 Days ==========

[2014/10/21 10:16:14 | 000,023,568 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014/10/21 10:16:14 | 000,023,568 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014/10/21 10:08:22 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2014/10/21 10:08:09 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat

[2014/10/21 10:08:01 | 1602,347,008 | -HS- | M] () -- C:\hiberfil.sys

[2014/10/20 18:53:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2014/10/20 18:49:28 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2014/10/16 11:38:33 | 000,429,856 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2014/10/14 21:00:30 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2014/10/14 12:43:07 | 001,705,698 | ---- | M] (Thisisu) -- C:\Users\Frances\Desktop\JRT_NEW.exe

[2014/10/13 11:34:32 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys

[2014/10/13 10:54:34 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts

[2014/10/13 10:46:52 | 001,705,755 | ---- | M] (Thisisu) -- C:\Users\Frances\Desktop\JRT.exe

[2014/10/13 10:44:55 | 001,976,320 | ---- | M] () -- C:\Users\Frances\Desktop\adwcleaner_4.000.exe

[2014/10/11 20:27:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Frances\Desktop\OTL.exe

[2014/10/09 14:12:46 | 057,605,934 | ---- | M] () -- C:\Users\Frances\Desktop\MTM - Dr. Joseph Riggio Interview.zip

[2014/10/06 11:08:44 | 048,042,832 | ---- | M] () -- C:\Users\Frances\Desktop\Free Creation Call Oct 5 2014(1).mp3

[2014/10/06 10:39:12 | 048,042,832 | ---- | M] () -- C:\Users\Frances\Desktop\Free Creation Call Oct 5 2014.mp3

[2014/10/01 15:23:41 | 000,734,868 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2014/10/01 15:23:41 | 000,151,414 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2014/09/29 12:14:02 | 000,000,259 | ---- | M] () -- C:\Users\Frances\Desktop\Our careers.URL

[2014/09/28 13:11:39 | 000,332,207 | ---- | M] () -- C:\Users\Frances\Desktop\Start-Up CTC - Exercise 2 - Generating Niche Options.pdf

[2014/09/28 13:11:24 | 000,233,912 | ---- | M] () -- C:\Users\Frances\Desktop\Start-Up CTC - Exercise 3 - Evaluating Your Niche.pdf

[2014/09/26 16:52:23 | 001,395,294 | ---- | M] () -- C:\Users\Frances\Desktop\overview-awakening.pdf

[2014/09/25 11:27:46 | 000,256,504 | ---- | M] () -- C:\Users\Frances\Desktop\Start-Up CTC - Exercise 1 - Fix The Holes In Your Bucket.pdf

[2014/09/21 16:49:38 | 000,088,844 | ---- | M] () -- C:\Users\Frances\Desktop\hhh_humanistic_results_page_AR.pdf.part

[2014/09/21 16:40:10 | 000,673,919 | ---- | M] () -- C:\Users\Frances\Desktop\hhh_humanistic_results_page_AR(1).pdf

========== Files Created - No Company Name ==========

[2014/10/13 10:44:44 | 001,976,320 | ---- | C] () -- C:\Users\Frances\Desktop\adwcleaner_4.000.exe

[2014/10/09 14:11:27 | 057,605,934 | ---- | C] () -- C:\Users\Frances\Desktop\MTM - Dr. Joseph Riggio Interview.zip

[2014/10/06 16:16:29 | 000,334,970 | ---- | C] () -- C:\Users\Frances\Documents\sms-results-fabienne-fredrickson-special-best-of-the-best.pdf

[2014/10/06 11:07:43 | 048,042,832 | ---- | C] () -- C:\Users\Frances\Desktop\Free Creation Call Oct 5 2014(1).mp3

[2014/10/06 10:38:11 | 048,042,832 | ---- | C] () -- C:\Users\Frances\Desktop\Free Creation Call Oct 5 2014.mp3

[2014/09/29 12:14:02 | 000,000,259 | ---- | C] () -- C:\Users\Frances\Desktop\Our careers.URL

[2014/09/28 13:11:36 | 000,332,207 | ---- | C] () -- C:\Users\Frances\Desktop\Start-Up CTC - Exercise 2 - Generating Niche Options.pdf

[2014/09/28 13:11:15 | 000,233,912 | ---- | C] () -- C:\Users\Frances\Desktop\Start-Up CTC - Exercise 3 - Evaluating Your Niche.pdf

[2014/09/26 16:52:18 | 001,395,294 | ---- | C] () -- C:\Users\Frances\Desktop\overview-awakening.pdf

[2014/09/25 11:27:42 | 000,256,504 | ---- | C] () -- C:\Users\Frances\Desktop\Start-Up CTC - Exercise 1 - Fix The Holes In Your Bucket.pdf

[2014/09/21 16:40:07 | 000,673,919 | ---- | C] () -- C:\Users\Frances\Desktop\hhh_humanistic_results_page_AR(1).pdf

[2014/09/21 16:39:39 | 000,088,844 | ---- | C] () -- C:\Users\Frances\Desktop\hhh_humanistic_results_page_AR.pdf.part

[2014/05/10 09:59:44 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2014/05/10 09:59:44 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2014/05/10 09:59:44 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2014/05/10 09:59:44 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2014/05/10 09:59:44 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2014/03/28 11:21:58 | 000,013,464 | ---- | C] () -- C:\Windows\System32\drivers\SWDUMon.sys

[2013/11/04 20:30:05 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini

[2013/11/04 20:30:04 | 012,028,032 | ---- | C] () -- C:\Windows\System32\drivers\snp2sxp.sys

[2013/11/04 20:30:04 | 000,151,552 | ---- | C] ( ) -- C:\Windows\System32\rsnp2std.dll

[2013/11/04 20:30:04 | 000,077,824 | ---- | C] ( ) -- C:\Windows\System32\csnp2std.dll

[2013/11/04 20:30:04 | 000,025,472 | ---- | C] () -- C:\Windows\System32\drivers\sncamd.sys

[2013/10/16 16:17:30 | 000,000,031 | -H-- | C] () -- C:\Windows\UKCpInfo.sys

[2013/07/23 13:26:58 | 000,036,154 | ---- | C] () -- C:\Program Files\cc_20130723_132652.reg

[2011/06/27 23:28:39 | 000,015,044 | ---- | C] () -- C:\Program Files\cc_20110627_232823.reg

[2011/06/27 09:30:01 | 000,000,000 | ---- | C] () -- C:\Users\Frances\AppData\Local\{2F0D215D-D36A-4572-8518-970B7D5F1ED4}

[2011/06/07 11:10:22 | 000,000,000 | ---- | C] () -- C:\Users\Frances\AppData\Local\{D0C3A833-BA01-4220-98B5-867AEE928B6A}

[2010/11/08 16:25:25 | 000,004,608 | ---- | C] () -- C:\Users\Frances\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/10/11 16:43:48 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

========== ZeroAccess Check ==========

[2010/12/10 11:09:46 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2014/06/25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[2012/12/09 18:51:37 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software

[2012/12/09 18:51:37 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software

[2012/04/17 22:17:12 | 000,000,000 | ---D | M] -- C:\Users\Frances\AppData\Roaming\Amazon

[2014/06/14 14:12:47 | 000,000,000 | ---D | M] -- C:\Users\Frances\AppData\Roaming\Audacity

[2010/11/08 14:17:06 | 000,000,000 | ---D | M] -- C:\Users\Frances\AppData\Roaming\Avery

[2014/09/13 16:56:47 | 000,000,000 | ---D | M] -- C:\Users\Frances\AppData\Roaming\AVG

[2013/12/09 18:05:18 | 000,000,000 | ---D | M] -- C:\Users\Frances\AppData\Roaming\AVG2014

[2014/10/21 10:10:07 | 000,000,000 | ---D | M] -- C:\Users\Frances\AppData\Roaming\Dropbox

[2011/04/01 17:16:02 | 000,000,000 | ---D | M] -- C:\Users\Frances\AppData\Roaming\EPSON

[2011/11/28 00:42:55 | 000,000,000 | ---D | M] -- C:\Users\Frances\AppData\Roaming\MP3SkypeRecorder

[2010/10/11 15:56:48 | 000,000,000 | ---D | M] -- C:\Users\Frances\AppData\Roaming\OpenOffice.org

[2011/02/18 10:58:56 | 000,000,000 | ---D | M] -- C:\Users\Frances\AppData\Roaming\Pamela

[2012/01/20 20:56:03 | 000,000,000 | ---D | M] -- C:\Users\Frances\AppData\Roaming\Tific

[2012/11/24 12:58:00 | 000,000,000 | ---D | M] -- C:\Users\Frances\AppData\Roaming\TuneUp Software

[2011/08/31 19:52:40 | 000,000,000 | ---D | M] -- C:\Users\Frances\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1

[2013/07/24 21:05:45 | 000,000,000 | ---D | M] -- C:\Users\Frances\AppData\Roaming\WinPatrol

[2014/09/03 23:24:52 | 000,000,000 | ---D | M] -- C:\Users\Frances\AppData\Roaming\XNote Stopwatch

========== Purity Check ==========

< End of report >

#36
Feather24

Posted 21 October 2014 - 03:43 AM

Member

Topic Starter
Member
251 posts

Hi Here is the log for Run Scan and all users:

OTL logfile created on: 21/10/2014 10:33:15 - Run 5

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Frances\Desktop

Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17358)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 0.73 Gb Available Physical Memory | 36.46% Memory free

3.98 Gb Paging File | 2.76 Gb Available in Paging File | 69.42% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 232.79 Gb Total Space | 125.67 Gb Free Space | 53.98% Space Free | Partition Type: NTFS

Drive E: | 19.53 Gb Total Space | 9.73 Gb Free Space | 49.83% Space Free | Partition Type: NTFS

Drive F: | 54.99 Gb Total Space | 12.78 Gb Free Space | 23.24% Space Free | Partition Type: NTFS

Drive G: | 465.65 Gb Total Space | 276.91 Gb Free Space | 59.47% Space Free | Partition Type: FAT32

Computer Name: FRANCES-PC | User Name: Frances | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days