Jump to content

BreatGritain

Members
 View Profile  See their activity

  • Posts

    104

  • Joined

  • Last visited

 Content Type 

Everything posted by BreatGritain

  1. BreatGritain
    Hi, If you're with Virgin, that seems like a fairly old router. The "tests" Virgin carry out over the phone are fairly limited, essentially all they do is check to see your modem is getting the right level of signal from the Virgin network - they don't have a clue if your router is working or not. Personally, I would still call Virgin, and if the tests they run are ok, I would demand a Super Hub, (they won't charge you for this). If there's a problem with the signal levels from the Virgin network they will send a tech for you, if all seems ok they'll post a hub out to you. Good luck.
  2. BreatGritain
    Hello, Sorry I've not been about recently. Moving house. Hectic. I wondered if I could abuse somebody's knowledge for a moment! My Windows 7 Sony Vaio's time and date is wrong - I've obviously corrected it, but the next day when I use the laptop the time and date settings are a day behind. It's as if when the laptop is switched off or in sleep mode, the clock pauses... I have absolutely no idea where to start or what to do. Since the laptop is fairly new i'm assuming it's a software related fault and not a flat CMOS battery. maybe. Thanking you for your help, Tom
  3. BreatGritain
    Nuff said. You crack me up Ken, love it.
  4. BreatGritain
    Forgive the vagueness of the last post. Once in the routers control panel and you have entered the username and password, Click Services, on the left. When the next page loads, uncheck the box next to "firewall features". Click apply.
  5. BreatGritain
    The modem you have is known simply as a "hub", which is one step older than the superhub. I'd like to try turn off the firewall on the router anyway - its worth a shot, even if it won't probably fix the issue. Go to your web browser and go to http://192.168.0.1 You should be asked for a username password, which will be "admin" and "changeme" respectively by default. There will be a list of links on the left. From the top of my head I'm not 100% sure which option it is on your router, but it will be something obvious like "security" or even "firewall". We want to disable the firewall completely and try the website again, Good luck,
  6. BreatGritain
    Hi Ian, Sounds like it might be a firewall issue on your router. Is it a Super Hub you have? Tom.
  7. BreatGritain
    I'm really sorry for wasting your time Starbuck, the gentleman who asked me to look at it demanded the pc back, so I can't carry out the next steps.Again I'm really sorry, thank you for for your assistance though.
  8. BreatGritain
    Just noticed that the error message doesn't appear any more, so it seems either JRT or adwcleaner resolved the issue!
  9. BreatGritain
    And Finally, EXTRAS.TXT. OTL Extras logfile created on: 15/02/2013 10:16:47 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\frances\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1.87 Gb Total Physical Memory | 0.88 Gb Available Physical Memory | 47.25% Memory free 3.98 Gb Paging File | 2.69 Gb Available in Paging File | 67.41% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 220.40 Gb Total Space | 140.74 Gb Free Space | 63.86% Space Free | Partition Type: NTFS Drive D: | 12.48 Gb Total Space | 1.38 Gb Free Space | 11.05% Space Free | Partition Type: NTFS Computer Name: FRANCES-PC | User Name: frances | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.) "C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.) "C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.) "C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.) ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0EE90476-C3FB-42E1-A03B-E7DD5D1FE1A3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{2DA4E33C-FF80-417B-A896-09CFE704FF1C}" = rport=139 | protocol=6 | dir=out | app=system | "{2DCD4ED3-3F20-446F-9AAD-5014090F9BDB}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery | "{3B071A85-DC77-4A0A-813C-0624FC4E37E6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{442075FE-5E00-48AD-A349-CB6F22C35985}" = lport=138 | protocol=17 | dir=in | app=system | "{5F7999CE-EFD8-4E87-8B60-B15450B1E554}" = lport=445 | protocol=6 | dir=in | app=system | "{73BB0A9A-66D4-4325-9171-2914F7DF2548}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery | "{8454DD0C-80F4-4E25-B812-B09C0A808778}" = lport=139 | protocol=6 | dir=in | app=system | "{8F55F9AC-1300-46CA-B293-2268E71E24F1}" = rport=445 | protocol=6 | dir=out | app=system | "{A3449A94-F6F4-4538-9D3F-DD788589D569}" = rport=138 | protocol=17 | dir=out | app=system | "{AACE430B-9499-49F7-9081-DBFFB8FCCD8C}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 | "{ECE6C6B1-56F5-4CB1-B749-DB09B3909827}" = lport=137 | protocol=17 | dir=in | app=system | "{F5487484-B4B5-42BF-99BD-4ABD34802764}" = rport=137 | protocol=17 | dir=out | app=system | "{F6350886-F6C9-454A-9C73-A260D8A40579}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{07B36102-5BB8-4835-8830-E81064CF98C3}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\kodak.statistics.exe | "{1CC88CBF-C4D8-4FF3-A8BC-A1B75B301497}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | "{21FD6EDC-23D3-4D1A-B953-0247F87D2EE4}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | "{2A95C146-BD41-4287-AE2D-22755387EC38}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | "{46850D74-2AD0-467E-B9B7-2B9F6927D089}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{55E70948-5E11-4212-97CB-FBB9D8C4D724}" = protocol=6 | dir=in | app=c:\programdata\kodak\installer\setup.exe | "{56EB3C47-4E70-40F1-AF64-A4B29E21ABBA}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\aiohomecenter.exe | "{5B02584C-4FE7-4D56-A7A8-D47B37ED1379}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{62CAF86B-7142-49E2-9DC0-72C0E7BB57C6}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe | "{63FAF06E-BA92-4068-8048-A9F42E6E319F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{6DE34A3F-4669-4802-A612-1E46C6F8C9C6}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | "{72B47086-55A9-4250-83F7-09556C17B697}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{7A430848-0783-429B-AE47-F28A92A5E7D2}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\kodak.statistics.exe | "{7DE06F39-1214-4CE1-8296-C56365258ADE}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | "{7FEF0CA9-190C-4C18-94A5-E9005CAC1AFD}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\aiohomecenter.exe | "{81AC6809-DB93-4B72-97B2-2BB8376E3230}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{8BBBFCB8-0412-40B6-8151-695DF9C50D7F}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | "{8FCDD995-A8C7-4B43-975A-B2BE6FBF96FE}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe | "{949D4E32-BE0B-47B1-8985-69AFD8665112}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{9BD1F8AE-42AC-4E8A-9A5F-D8AB30A76E1D}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\firmware\kodakaioupdater.exe | "{A5110123-C126-4B12-95D0-DCE3C67790D2}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A775D2B7-6192-4D4F-B603-CC596440257F}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\firmware\kodakaioupdater.exe | "{B14A77FD-980A-480F-B720-49F91DB5BCB9}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\networkprinterdiscovery.exe | "{D583DBB3-3BCA-41A4-BDCC-28445120F6A4}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\networkprinterdiscovery.exe | "{DB54C4BE-741A-4A60-84D9-B60A7D3DB713}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | "{DC4D7EA2-61F0-4D78-955E-ACEF7B94D38E}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | "{DEBD455E-98E7-43F6-992A-9A28B90A68E0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{E2032CB8-8A3E-4675-B0E4-3B66838EBF86}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{E98BEBB5-CE99-49BE-87B7-C4A659E361CD}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | "{F02A3E57-8F68-4D14-A6DE-C7EDD0FBEACB}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hpdvdsmart.exe | "{F05F56EA-D0E0-4FC0-8E2D-EB6C44B33E33}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | "{FA98EE7C-117D-4BAF-8DA4-3072D00E37A7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{FCEB136C-1FF3-4307-8291-AE475EFD9F89}" = protocol=17 | dir=in | app=c:\programdata\kodak\installer\setup.exe | "TCP Query User{82319A1A-B132-4F0B-92E2-8A6B95523F2D}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "UDP Query User{575EA154-0103-4ACA-B18D-DA35CF9434AB}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card "{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE "{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution "{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II "{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1 "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{18472E28-FCA0-421F-BDAC-AC65012E29F2}" = ArcSoft MediaImpression "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java SE Runtime Environment 6 Update 1 "{3AF8FCCD-F51A-4014-9002-F195E1CBC876}" = Logitech QuickCam "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor "{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater "{49B6F667-76EB-4E9D-ACD2-84B7437901C0}" = LG PC Suite II "{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support "{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In "{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book "{56BA241F-580C-43D2-8403-947241AAE633}" = center "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes "{638EBB3E-04BC-40DB-9176-DDEC2C5CB2BC}" = ArcSoft MediaConverter 2.5 "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6B7CEA10-4694-4FC3-B761-9DBFD50B8F2A}" = Client Settings Tool "{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour "{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage "{948A3F91-22EE-4E24-B4E0-BADB972357F4}" = ArcSoft Print Creations "{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse "{95F875CC-1B85-43E6-B3E0-13EA04F3D995}" = ArcSoft Print Creations - Photo Prints "{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback "{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support "{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS "{A2016015-8323-4AF8-8B3E-F56239D7D59D}" = HP Demo "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.4 "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287 "{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials "{BF5EE349-90CD-4422-A43B-661778180173}" = USB Disk Win98 Driver "{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr "{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements "{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C833C7B6-1140-471D-932B-391B5CA66D7D}" = Digital Video "{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update "{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library "{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5 "{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Software "{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout "{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skypeâ„¢ 5.10 "{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr "{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F405DC00-37F3-4A5F-97F4-C1310CCEE53A}" = HP Easy Setup - Frontend "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "AOL Toolbar" = AOL Toolbar 5.0 "CCleaner" = CCleaner "E77704EF5E71F4F18CADFBFA68595AFE036D5D97" = Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) "EPSON SX510W Series" = EPSON SX510W Series Printer Uninstall "ESET Online Scanner" = ESET Online Scanner v3 "ffdshow_is1" = ffdshow [rev 1692] [2007-12-09] "Google Chrome" = Google Chrome "Google Updater" = Google Updater "HP Photosmart Essential" = HP Photosmart Essential 3.0 "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "lvdrivers_11.80" = Logitech QuickCam Driver Package "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft Security Client" = Microsoft Security Essentials "Network Play System (Patching)" = Network Play System (Patching) "NVIDIA Drivers" = NVIDIA Drivers "PC-Doctor for Windows" = Hardware Diagnostic Tools "Picasa 3" = Picasa 3 "PrintProjects" = PrintProjects "WildTangent hp Master Uninstall" = HP Games "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "WT079593" = Monster Trucks Nitro ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "MyFreeCodec" = MyFreeCodec ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 14/02/2013 05:03:53 | Computer Name = frances-PC | Source = Bonjour Service | ID = 100 Description = mDNSCoreReceiveResponse: Received from 192.168.1.112:5353 20 112.1.168.192.in-addr.arpa. PTR frances-PC-2.local. Error - 14/02/2013 05:03:53 | Computer Name = frances-PC | Source = Bonjour Service | ID = 100 Description = mDNSCoreReceiveResponse: Unexpected conflict discarding 18 112.1.168.192.in-addr.arpa. PTR frances-PC.local. Error - 14/02/2013 05:03:56 | Computer Name = frances-PC | Source = WinMgmt | ID = 10 Description = Error - 14/02/2013 05:22:51 | Computer Name = frances-PC | Source = Application Error | ID = 1000 Description = Faulting application ie3sh.exe, version 1.0.0.4, time stamp 0x4b0581b6, faulting module BHO.DLL, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000135, fault offset 0x00009f5d, process id 0x918, application start time 0x01ce0a94b1fb2f14. Error - 15/02/2013 05:32:18 | Computer Name = frances-PC | Source = Bonjour Service | ID = 100 Description = mDNSCoreReceiveResponse: Received from 192.168.1.117:5353 20 117.1.168.192.in-addr.arpa. PTR frances-PC-2.local. Error - 15/02/2013 05:32:18 | Computer Name = frances-PC | Source = Bonjour Service | ID = 100 Description = mDNSCoreReceiveResponse: Unexpected conflict discarding 18 117.1.168.192.in-addr.arpa. PTR frances-PC.local. Error - 15/02/2013 05:32:20 | Computer Name = frances-PC | Source = WinMgmt | ID = 10 Description = Error - 15/02/2013 06:06:15 | Computer Name = frances-PC | Source = Bonjour Service | ID = 100 Description = mDNSCoreReceiveResponse: Received from 192.168.1.117:5353 20 117.1.168.192.in-addr.arpa. PTR frances-PC-2.local. Error - 15/02/2013 06:06:15 | Computer Name = frances-PC | Source = Bonjour Service | ID = 100 Description = mDNSCoreReceiveResponse: Unexpected conflict discarding 18 117.1.168.192.in-addr.arpa. PTR frances-PC.local. Error - 15/02/2013 06:06:29 | Computer Name = frances-PC | Source = WinMgmt | ID = 10 Description = [ Spybot - Search and Destroy Events ] Error - 04/02/2013 07:57:59 | Computer Name = frances-PC | Source = SDCleaner | ID = 100 Description = LoadCleaningInstructions [ System Events ] Error - 14/02/2013 05:03:56 | Computer Name = frances-PC | Source = Service Control Manager | ID = 7026 Description = Error - 14/02/2013 05:04:53 | Computer Name = frances-PC | Source = DCOM | ID = 10016 Description = Error - 15/02/2013 05:31:53 | Computer Name = frances-PC | Source = EventLog | ID = 6008 Description = The previous system shutdown at 16:53:38 on 14/02/2013 was unexpected. Error - 15/02/2013 05:32:20 | Computer Name = frances-PC | Source = Service Control Manager | ID = 7026 Description = Error - 15/02/2013 05:33:18 | Computer Name = frances-PC | Source = DCOM | ID = 10016 Description = Error - 15/02/2013 05:51:08 | Computer Name = frances-PC | Source = Microsoft Antimalware | ID = 2001 Description = %%860 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.143.2233.0 Update Source: %%859 Update Stage: %%854 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803 User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9103.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Error - 15/02/2013 05:51:08 | Computer Name = frances-PC | Source = Microsoft Antimalware | ID = 2001 Description = %%860 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.143.2233.0 Update Source: %%859 Update Stage: %%854 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803 User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9103.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Error - 15/02/2013 05:51:08 | Computer Name = frances-PC | Source = Microsoft Antimalware | ID = 2001 Description = %%860 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.143.2233.0 Update Source: %%859 Update Stage: %%853 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803 User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9103.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Error - 15/02/2013 06:06:29 | Computer Name = frances-PC | Source = Service Control Manager | ID = 7026 Description = Error - 15/02/2013 06:07:15 | Computer Name = frances-PC | Source = DCOM | ID = 10016 Description = < End of report >
  10. BreatGritain
    Morning Starbuck - Thanks for your help. Heres ADWCLEANER # AdwCleaner v2.112 - Logfile created 02/15/2013 at 09:35:43 # Updated 10/02/2013 by Xplode # Operating system : Windows Vista Home Premium Service Pack 2 (32 bits) # User : frances - FRANCES-PC # Boot Mode : Normal # Running from : C:\Users\frances\Downloads\AdwCleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** File Deleted : C:\Users\frances\AppData\Local\Temp\Uninstall.exe Folder Deleted : C:\Program Files\Common Files\AVG Secure Search Folder Deleted : C:\Users\frances\AppData\Local\Smartbar Folder Deleted : C:\Users\frances\AppData\Local\Temp\Smartbar Folder Deleted : C:\Users\frances\AppData\LocalLow\AVG Security Toolbar ***** [Registry] ***** Key Deleted : HKCU\Software\FunWebProducts Key Deleted : HKCU\Software\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{F1D49A81-DFD1-4580-B7B3-B5990F64C0EC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Search Guard Plus Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Search Guard Plus Updater Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} Key Deleted : HKCU\Software\SmartbarLog Key Deleted : HKLM\SOFTWARE\Classes\AppID\{055069F3-F78B-4BD1-A277-FE66648D3300} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EBB289A-2D7B-465B-825F-1530B813E95A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CD5C92AE-97B0-4BC3-BA65-BA0308D543BF} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AA2E16F2-387A-415F-BA95-B89BAF3AF109} Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F1D49A81-DFD1-4580-B7B3-B5990F64C0EC} Key Deleted : HKLM\SOFTWARE\Software Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}] ***** [internet Browsers] ***** -\\ Internet Explorer v7.0.6002.18005 Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.fastbrowsersearch.com/new-tab/?v=19&tid={f2217839-f3bc-4f1c-8277-b54ce561b6bd} --> hxxp://www.google.com -\\ Google Chrome v24.0.1312.57 File : C:\Users\frances\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[s1].txt - [5414 octets] - [15/02/2013 09:35:43] ########## EOF - C:\AdwCleaner[s1].txt - [5474 octets] ########## And Then OTL.TXT OTL logfile created on: 15/02/2013 10:16:46 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\frances\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1.87 Gb Total Physical Memory | 0.88 Gb Available Physical Memory | 47.25% Memory free 3.98 Gb Paging File | 2.69 Gb Available in Paging File | 67.41% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 220.40 Gb Total Space | 140.74 Gb Free Space | 63.86% Space Free | Partition Type: NTFS Drive D: | 12.48 Gb Total Space | 1.38 Gb Free Space | 11.05% Space Free | Partition Type: NTFS Computer Name: FRANCES-PC | User Name: frances | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\frances\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.) PRC - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) PRC - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) PRC - C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe (Eastman Kodak Company) PRC - C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company) PRC - C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe (Eastman Kodak Company) PRC - c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) PRC - c:\Program Files\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation) PRC - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.) PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.) PRC - C:\Program Files\Logitech\QuickCam\Quickcam.exe () PRC - C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe () PRC - C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe (Logitech Inc.) PRC - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) PRC - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.) PRC - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION) PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company) PRC - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION) PRC - C:\Windows\UMStor\Res.exe (ali) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\59cd8889b26ea43d59660e906049b2b3\UIAutomationTypes.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\0f5a23bb73681b6388daccd8e250ba66\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4d2c890606d2a3a43a90684115bfccfc\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\668c039655437b25586280e1fbff8ef0\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\a8080296b18898342ce986091c08b0a4\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\9126f2ff9fd9c05900f67e963ccc27ef\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll () MOD - C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll () MOD - C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll () MOD - C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll () MOD - C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll () MOD - C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll () MOD - C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll () MOD - C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll () MOD - C:\Program Files\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll () MOD - C:\Program Files\Common Files\LightScribe\QtGui4.dll () MOD - C:\Program Files\Common Files\LightScribe\QtCore4.dll () MOD - C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll () MOD - C:\Program Files\Logitech\QuickCam\LAppRes.DLL () MOD - C:\Program Files\Logitech\QuickCam\Quickcam.exe () MOD - C:\Program Files\Common Files\LogiShrd\LComMgr\LogiVOIPDevicePlugin.dll () MOD - C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless4001.dll () MOD - C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless.dll () MOD - C:\Program Files\Logitech\QuickCam\EFVal.dll () MOD - C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe () MOD - C:\Program Files\Common Files\LogiShrd\LComMgr\DevMngr.dll () MOD - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll () ========== Services (SafeList) ========== SRV - (SDWSCService) -- C:\Program Files\Spybot File not found SRV - (SDUpdateService) -- C:\Program Files\Spybot File not found SRV - (SDScannerService) -- C:\Program Files\Spybot File not found SRV - (Kodak AiO Network Discovery Service) -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe (Eastman Kodak Company) SRV - (Kodak AiO Status Monitor Service) -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe (Eastman Kodak Company) SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies) SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.) SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) SRV - (LVCOMSer) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.) SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (EPSON_EB_RPCV4_01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION) SRV - (EPSON_PM_RPCV4_01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION) ========== Driver Services (SafeList) ========== DRV - (upperdev) -- system32\DRIVERS\usbser_lowerflt.sys File not found DRV - (RapportIaso) -- c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso.sys File not found DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (cportclm) -- C:\Users\frances\AppData\Local\Temp\cportclm.sys File not found DRV - (MpKsld4b2b3d5) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A2A61ED1-4480-46F9-B8DD-3C5F8708D7B5}\MpKsld4b2b3d5.sys (Microsoft Corporation) DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (WSDScan) -- C:\Windows\System32\drivers\WSDScan.sys (Microsoft Corporation) DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.) DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.) DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.) DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia) DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.) DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.) DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.) DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys () DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation) DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation) DRV - (s0016unic) -- C:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation) DRV - (s0016nd5) -- C:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation) DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation) DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation) DRV - (s0016mgmt) -- C:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation) DRV - (s0016obex) -- C:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation) DRV - (s0016bus) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation) DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology, Corp.) DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation) DRV - (s816bus) -- C:\Windows\System32\drivers\s816bus.sys (MCCI Corporation) DRV - (CoachUsb) -- C:\Windows\System32\drivers\CoachDc.sys (FotoNation Inc.) DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.) DRV - (Ps2) -- C:\Windows\System32\drivers\PS2.sys (Hewlett-Packard Company) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=84&bd=Pavilion&pf=cndt IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{9DC19975-C9DB-4E1E-BDE6-CCF9F07BDBE0}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1184&query={searchTerms}&invocationType=tb50hpcndtie7-en-gb IE - HKLM\..\SearchScopes\{C7586290-887F-4007-BC14-03605B5052B9}: "URL" = http://uk.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913936 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=84&bd=Pavilion&pf=cndt IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/news/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}: "URL" = http://www.fastbrowsersearch.com/results/results.aspx?q={searchTerms}&c=web&s=DSP&v=19&tid={F2217839-F3BC-4f1c-8277-B54CE561B6BD} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_en-GB IE - HKCU\..\SearchScopes\{9DC19975-C9DB-4E1E-BDE6-CCF9F07BDBE0}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1184&query={searchTerms}&invocationType=tb50hpcndtie7-en-gb IE - HKCU\..\SearchScopes\{C7586290-887F-4007-BC14-03605B5052B9}: "URL" = http://uk.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913936 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\frances\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found ========== Chrome ========== CHR - homepage: http://www.google.co.uk/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://www.google.co.uk/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\frances\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll CHR - plugin: AVG Internet Security (Enabled) = C:\Users\frances\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files\MyWebSearch\bar\2.bin\NPMyWebS.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\frances\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Users\frances\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Google Search = C:\Users\frances\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: Skype Click to Call = C:\Users\frances\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\ CHR - Extension: Gmail = C:\Users\frances\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ CHR - Extension: YouTube = C:\Users\frances\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Google Search = C:\Users\frances\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: Skype Click to Call = C:\Users\frances\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\ CHR - Extension: Gmail = C:\Users\frances\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [Conime] C:\Windows\System32\conime.exe (Microsoft Corporation) O4 - HKLM..\Run: [DVDAgent] c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [EKStatusMonitor] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company) O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe () O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe () O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe () O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [uSB Storage Toolbox] C:\Windows\UMStor\Res.exe (ali) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [EPSON SX510W Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\RunOnce: [shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; FBSMTWB; GTB0.0; FunWebProducts; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729)" -"http://www.miniclip.com/games/cab-driver/en/" File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Reg Error: Key error.) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {44990B00-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cab (Reg Error: Value error.) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1263152786016 (WUWebControl Class) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {FD0EBBED-0C42-4D0F-82DA-44399B5C420A} http://downloads.virginmedia.com/CST/ver1/vistainstaller.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D18200FD-4AD7-4A68-84DC-533333FC6A7B}: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.) O18 - Protocol\Handler\linkscanner - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found O24 - Desktop WallPaper: C:\Users\frances\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\frances\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/10/24 02:26:18 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS) MsConfig - StartUpReg: Epson Stylus SX510W(Network) - hkey= - key= - File not found MsConfig - StartUpReg: EPSON8D50E5 - hkey= - key= - File not found MsConfig - StartUpReg: HP Health Check Scheduler - hkey= - key= - c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) MsConfig - StartUpReg: SDTray - hkey= - key= - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.) MsConfig - StartUpReg: Spybot-S&D Cleaning - hkey= - key= - C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.) MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe (Sun Microsystems, Inc.) MsConfig - State: "startup" - 2 CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2013/02/15 10:15:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\frances\Desktop\OTL.exe [2013/02/14 09:27:06 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013/02/14 09:26:52 | 000,000,000 | ---D | C] -- C:\JRT [2013/02/14 09:26:23 | 000,547,384 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\frances\Desktop\JRT.exe [2013/02/14 09:12:09 | 002,048,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013/02/14 09:12:02 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013/02/14 09:12:02 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2013/02/14 09:12:02 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013/02/14 09:12:02 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2013/02/14 09:12:02 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2013/02/14 09:12:02 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013/02/14 09:12:02 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013/02/14 09:12:02 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013/02/14 09:12:01 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2013/02/14 09:12:00 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2013/02/14 09:11:56 | 003,602,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2013/02/14 09:11:56 | 003,550,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2013/02/05 11:38:46 | 000,000,000 | ---D | C] -- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} [2013/02/05 11:38:38 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit [2013/02/05 11:38:34 | 000,000,000 | ---D | C] -- C:\Users\frances\AppData\Roaming\IObit [2013/02/05 11:38:21 | 000,000,000 | ---D | C] -- C:\Program Files\IObit [2013/02/05 11:37:13 | 021,494,224 | ---- | C] (IObit ) -- C:\Users\frances\Desktop\asc-setup.exe [2013/02/04 16:25:33 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2013/02/04 13:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2013/02/04 12:23:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client [2013/02/04 12:22:47 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys [2013/02/04 11:29:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2013/02/04 11:28:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 [2013/02/04 11:28:47 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe [2013/02/04 11:28:43 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2 [2013/02/04 09:14:36 | 000,000,000 | ---D | C] -- C:\Users\frances\AppData\Roaming\Malwarebytes [2013/02/04 09:14:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/02/04 09:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/02/04 09:14:22 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013/02/04 09:14:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013/01/22 22:22:59 | 000,000,000 | ---D | C] -- C:\ProgramData\XoftSpySE [2012/06/07 16:25:54 | 001,821,920 | ---- | C] (Microsoft Corporation) -- C:\Users\frances\vcredist.exe [2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/02/15 10:16:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\frances\Desktop\OTL.exe [2013/02/15 10:12:24 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/02/15 10:12:05 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job [2013/02/15 10:08:00 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3528023205-3255598386-147427001-1000UA.job [2013/02/15 10:06:01 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013/02/15 10:06:01 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013/02/15 10:05:44 | 000,319,224 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013/02/15 10:05:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/02/15 10:04:05 | 2010,210,304 | -HS- | M] () -- C:\hiberfil.sys [2013/02/15 09:45:47 | 000,596,036 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013/02/15 09:45:47 | 000,104,110 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013/02/15 09:41:37 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/02/15 09:31:58 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForfrances.job [2013/02/14 16:08:52 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3528023205-3255598386-147427001-1000Core.job [2013/02/14 09:26:35 | 000,547,384 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\frances\Desktop\JRT.exe [2013/02/05 11:37:19 | 021,494,224 | ---- | M] (IObit ) -- C:\Users\frances\Desktop\asc-setup.exe [2013/02/04 13:05:43 | 000,109,882 | ---- | M] () -- C:\Users\frances\Documents\cc_20130204_130527.reg [2013/02/04 12:24:49 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif [2013/02/04 09:14:24 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/02/03 12:20:20 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs [2013/01/30 10:53:21 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2013/01/28 19:33:52 | 000,009,784 | -HS- | M] () -- C:\Users\frances\Documents\Folder.jpg [2013/01/28 19:33:52 | 000,009,784 | -HS- | M] () -- C:\Users\frances\Documents\AlbumArt_{D1BE3125-6A76-4C52-872C-09AD024507DC}_Large.jpg [2013/01/28 19:33:52 | 000,002,459 | -HS- | M] () -- C:\Users\frances\Documents\AlbumArtSmall.jpg [2013/01/28 19:33:52 | 000,002,459 | -HS- | M] () -- C:\Users\frances\Documents\AlbumArt_{D1BE3125-6A76-4C52-872C-09AD024507DC}_Small.jpg [2013/01/22 19:41:10 | 000,001,997 | ---- | M] () -- C:\Users\frances\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013/01/22 18:58:45 | 000,133,120 | ---- | M] () -- C:\Users\frances\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013/01/17 17:43:43 | 000,000,680 | ---- | M] () -- C:\Users\frances\AppData\Local\d3d9caps.dat [2013/01/16 20:24:30 | 006,456,249 | ---- | M] () -- C:\Users\frances\Documents\Frankie Valli & The Four Seasons - The Night.mp3 [2013/01/16 20:23:40 | 000,008,952 | -HS- | M] () -- C:\Users\frances\Documents\AlbumArt_{17E13450-E116-422C-A834-CCA1B0E2F8F9}_Large.jpg [2013/01/16 20:23:39 | 000,002,407 | -HS- | M] () -- C:\Users\frances\Documents\AlbumArt_{17E13450-E116-422C-A834-CCA1B0E2F8F9}_Small.jpg [2013/01/16 20:23:31 | 004,589,080 | ---- | M] () -- C:\Users\frances\Documents\01 Simple Love.wma [2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/02/14 10:10:20 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForfrances.job [2013/02/04 13:05:31 | 000,109,882 | ---- | C] () -- C:\Users\frances\Documents\cc_20130204_130527.reg [2013/02/04 12:24:49 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif [2013/02/04 12:24:26 | 000,001,828 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2013/02/04 11:28:53 | 000,001,972 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk [2013/02/04 09:14:24 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/01/28 19:33:53 | 000,009,784 | -HS- | C] () -- C:\Users\frances\Documents\AlbumArt_{D1BE3125-6A76-4C52-872C-09AD024507DC}_Large.jpg [2013/01/28 19:33:53 | 000,002,459 | -HS- | C] () -- C:\Users\frances\Documents\AlbumArt_{D1BE3125-6A76-4C52-872C-09AD024507DC}_Small.jpg [2013/01/26 15:01:25 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job [2013/01/16 20:23:40 | 000,008,952 | -HS- | C] () -- C:\Users\frances\Documents\AlbumArt_{17E13450-E116-422C-A834-CCA1B0E2F8F9}_Large.jpg [2013/01/16 20:23:40 | 000,002,407 | -HS- | C] () -- C:\Users\frances\Documents\AlbumArt_{17E13450-E116-422C-A834-CCA1B0E2F8F9}_Small.jpg [2012/11/28 14:17:18 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2012/11/28 14:17:18 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2012/11/28 14:17:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2012/11/28 14:17:18 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2012/09/24 13:31:08 | 000,001,119 | ---- | C] () -- C:\Windows\System32\EKaio2WiaCoInst.ini [2012/06/07 16:25:54 | 000,630,784 | ---- | C] () -- C:\Users\frances\Setup.exe [2012/06/07 16:25:52 | 024,644,930 | ---- | C] () -- C:\Users\frances\MSI.CAB [2009/02/11 18:55:22 | 000,000,852 | ---- | C] () -- C:\Users\frances\AppData\Roaming\wklnhst.dat [2009/02/07 17:50:58 | 000,000,680 | ---- | C] () -- C:\Users\frances\AppData\Local\d3d9caps.dat [2009/02/07 17:30:54 | 000,133,120 | ---- | C] () -- C:\Users\frances\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2006/11/02 12:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 17:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 06:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 06:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2010/04/28 19:00:34 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\Amazon [2012/04/11 09:40:19 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\Epson [2009/11/26 19:15:39 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\GetRightToGo [2013/02/05 11:38:43 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\IObit [2009/03/29 15:09:15 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\Leadertech [2009/09/28 18:52:22 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\Lexmark Productivity Studio [2009/09/14 16:10:55 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\LG Electronics [2010/04/28 18:11:36 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\muvee Technologies [2009/03/01 19:41:16 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\Nokia [2009/02/14 18:29:36 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\PC Suite [2009/10/01 18:23:07 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\PlayFirst [2013/01/16 20:35:38 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\Samsung [2011/01/12 20:22:15 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\Smilebox [2009/12/17 20:23:29 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\SPORE Creature Creator [2009/02/08 21:37:55 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\Teleca [2012/04/11 10:19:56 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\Temp [2009/04/23 19:01:29 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\Template [2012/12/15 12:07:57 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\TuneUp Software [2009/11/26 18:53:13 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\uTorrent [2009/02/07 17:54:55 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\WildTangent [2009/03/01 19:10:18 | 000,000,000 | ---D | M] -- C:\Users\frances\AppData\Roaming\WinBatch ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2013/02/15 09:38:08 | 000,005,543 | ---- | M] () -- C:\AdwCleaner[s1].txt [2008/10/24 02:26:18 | 000,000,074 | ---- | M] () -- C:\autoexec.bat [2009/11/01 13:54:50 | 000,002,228 | ---- | M] () -- C:\avi_log.txt [2009/04/11 06:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2008/10/24 10:45:40 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006/09/18 21:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2010/07/28 13:18:41 | 000,000,134 | ---- | M] () -- C:\debugInstaller.txt [2010/08/09 18:26:23 | 000,000,625 | ---- | M] () -- C:\FINIS_IT.TXT [2013/02/15 10:04:05 | 2010,210,304 | -HS- | M] () -- C:\hiberfil.sys [2010/03/05 19:33:53 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010/06/07 13:20:29 | 000,000,156 | ---- | M] () -- C:\lxdx.log [2010/03/05 19:33:53 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2013/02/15 10:04:04 | 2324,115,456 | -HS- | M] () -- C:\pagefile.sys [2013/02/05 10:40:35 | 000,124,896 | ---- | M] () -- C:\TDSSKiller.2.8.15.0_05.02.2013_10.40.00_log.txt < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll > [2012/09/29 14:49:58 | 000,060,928 | ---- | M] (Eastman Kodak Company) -- C:\Windows\system32\Spool\prtprocs\w32x86\EKAiO2PPR.dll [2006/11/02 09:46:04 | 000,032,768 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\system32\Spool\prtprocs\w32x86\EP0NPP01.DLL [2006/11/02 12:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\jnwppr.dll [2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\msonpppr.dll < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\system32\*.exe /lockedfiles > < %systemroot%\System32\config\*.sav > [2008/01/21 03:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008/01/21 03:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008/01/21 03:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006/11/02 10:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006/11/02 10:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %PROGRAMFILES%\* > [2008/01/21 02:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini < %USERPROFILE%\..|smtmp;true;true;true /FP > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU > < hklm\software\clients\startmenuinternet|command /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/01/26 02:35:08 | 001,248,208 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2013/01/26 02:35:08 | 001,248,208 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2013/01/26 02:35:08 | 001,248,208 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2013/01/26 02:35:08 | 001,248,208 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2008/01/21 02:24:17 | 000,070,656 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2008/01/21 02:24:17 | 000,070,656 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2008/01/21 02:24:17 | 000,070,656 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/04/11 06:27:44 | 000,636,080 | ---- | M] (Microsoft Corporation) < hklm\software\clients\startmenuinternet|command /64 /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/01/26 02:35:08 | 001,248,208 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2013/01/26 02:35:08 | 001,248,208 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2013/01/26 02:35:08 | 001,248,208 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2013/01/26 02:35:08 | 001,248,208 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2008/01/21 02:24:17 | 000,070,656 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2008/01/21 02:24:17 | 000,070,656 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2008/01/21 02:24:17 | 000,070,656 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/04/11 06:27:44 | 000,636,080 | ---- | M] (Microsoft Corporation) ========== Alternate Data Streams ========== @Alternate Data Stream - 64 bytes -> C:\Users\frances\Documents\CLIP0002.AVI:TOC.WMV @Alternate Data Stream - 64 bytes -> C:\Users\frances\Documents\135.AVI:TOC.WMV @Alternate Data Stream - 64 bytes -> C:\Users\frances\Documents\131.AVI:TOC.WMV @Alternate Data Stream - 64 bytes -> C:\Users\frances\Documents\026.MPG:TOC.WMV @Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:0B4227B4 < End of report >
  11. BreatGritain
    Hi Starbuck, thanks for offering your assistance. I know you told me to be patient with JML - but the scan has been running four hours now and it's still not finished. Could it have crashed? There's no progress/status bar, so it's difficult for me to tell! Thanks, Tom
  12. BreatGritain
    Hi, I've removed a load of malware from a laptop with MBAM, But now i'm getting an error message on start-up "IE3SH.exe" Application failed to start as BHO.DLL was not found. I'm guessing it's what is left frm a redundant infection trying to run itself at start-up. Does anyone know how to stop this error message from popping up? Thanks, Tom
  13. BreatGritain
    Ken, I'm just buttering him up for future use. Lol.
  14. BreatGritain
    etavares, you're amazing, you know that? Thank you for your help, it's really appreciated.
  15. BreatGritain
    Yes, well spotted Seedy!! :p lol
  16. BreatGritain
    You're not putting "www." infront of the 192.196.2.2 are you? I'm taking a wild stab in the dark at this, but I've never seen a wifi device that didn't start with 192.168 Could it be worth trying 192.168.2.2 and assuming the manual has a mis-print??
  17. BreatGritain
    Hi, welcome to the forum. You might be able to see the system temperature in the computers BIOS, if you can this will probably be the most accurate reading you will get, as there is less software to interfere with any readings. Personally, I use software called "speedfan" to check the temp of my computers, and I've never had any issues with it. It might be worth considering the possibility that your new motherboard could have a faulty temperature sensor giving misleading results - im not sure if that's possible, but if it is it could be nothing to worry about.
  18. BreatGritain
    Hi, welcome to the forum. Hopefully this will be nice and easy, it sounds like Firefox is in full screen mode. To rectify, open Firefox and wait until it has loaded. Press F11 on your keyboard. This should toggle full screen mode off. For future reference, please leave a line or so after every other sentence when your posting- makes it loads easier to read!
  19. BreatGritain
    You could ask your relations to install a Wifi repeater and position it on the wall that is nearest to your house - though this won't make a difference if their router is already there. As a technicality we shouldn't be assisting with this? an ISP could be of the view that you're using a service you're not paying for, which, if you squint, isn't legal.
  20. BreatGritain
    Hi, welcome to the forum. Under data protection laws Facebook cannot hand over personal information about a hacker. Your only real option is to change your password. If you're really concerned the only thing you can do to further this matter is to speak to your local police department. If they share your cause for concern they can request the hackers details from Facebook and take further action. I wouldn't try confront the person you suspect it to be, you'll look a fool if you're wrong. Good luck.
  21. BreatGritain
    Hi etavares, Ran the OTL fix for AllMyApps, then rebooted. AllMyApps appears to be gone, which is great. a log was produced: ========== OTL ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Allmyapps deleted successfully. C:\Program Files (x86)\Allmyapps\AllmyappsNotifier.exe moved successfully. ========== FILES ========== Folder move failed. C:\Program Files (x86)\Allmyapps scheduled to be moved on reboot. OTL by OldTimer - Version 3.2.69.0 log created on 02032013_193933 Files\Folders moved on Reboot... C:\Program Files (x86)\Allmyapps folder moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... Also ran a quick scan on OTL as requested : I don't have any other concerns with the machine, it seems fine to me, and I really appreciate your time. Thanks, Tom.
  22. BreatGritain
    I ha a look in add/remove programs, it doesn't show on the list. If its just an annoyance rather than anything malicious then it can stay, it's not my laptop after all. What would you suggest? Thanks, Tom.
  23. BreatGritain
    Hi, Heres the result of the latest scan: It said nothing was found, which is great. the laptop seems fine now. The only thing that concerns me is a program called "AllMyApps Manager" keeps trying to open on every boot and requests permission to open itself. If that makes sense? But apart from that all seems great. Thanks for your help.
  24. BreatGritain
    Lovely. I ran the fix with OTL, and then rebooted. I failed to save the text file before rebooting, and it's gone now i'm afraid. I hope that's not too inconvenient. The report that was produced said a couple of items could not be found, but most were "sucessful" (or something like that, from memory). I then ran the full scan on OTL with "All users" checked. The report from that has been attatched. I then ran ESET, and the result is here... [ATTACH]960.vB5-legacyid=1857[/ATTACH] OTL.Txt
  25. BreatGritain
    Hi, Welcome to the forum. I've only ever installed a Wifi repeater once, so this might be a little sketchy. On your laptop/pc, disconnect completely from your plusnet connection. Plug your wifi repeater into the mains and wait a few minutes until it is ready (Usually a light changes colour or stops flashing) Connect your Laptop/PC to extender643b7c - it shouldn't require a password - if it does refer to the extenders handbook. Does it let you get this far? If it does the rest will of the info you will need will be in the instruction handbook that came with the extender - essentially you need to open up a web-browser, go to 192.168.x.x, and follow some simple on-screen instructions.
×
×
  • Create New...