Jump to content

PC Tuning help

Gadgie
 Share

Recommended Posts

Gadgie Newbie

Gadgie

Posted
Posted

Hi

 

My Computer has been running pretty slow so I downloaded a pc check up programme from speedtest.net which when run found almost 1000 problems. In order for this programme to fix my computer I had to buy the full product. Is there any legit programmes that I can download to yune and fix my computer?

 

regards

  • Replies 52
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

KenB Newbie

KenB

Posted
Posted

Hi,

 

I am glad that you didn't buy this product. It, whatever it was, is a scam.

 

Download MBAM from here:

http://www.malwarebytes.org/

 

Click on Products - you want the FREE version.

 

Install > Update > Run it.

It will produce a log.

Copy this and post it here please.

There is an email going around offering processed pork - gelatin - and salt in a can ......this is simply SPAM !!

 

MiniToolBox

Network Test

Wireless Test

Gadgie Newbie

Gadgie

Posted
  • Author
Posted (edited)
Hi,

 

I am glad that you didn't buy this product. It, whatever it was, is a scam.

 

Download MBAM from here:

http://www.malwarebytes.org/

 

Click on Products - you want the FREE version.

 

Install > Update > Run it.

It will produce a log.

Copy this and post it here please.

 

Hi

 

Just doing this now will post the log once finished.

 

Thanks for your help

 

Also just noticed that my profile says I run XP but now have a new computer that runs Windows 7

 

Cheers

Edited by Gadgie
Gadgie Newbie

Gadgie

Posted
  • Author
Posted

update

 

Hi,

 

I am glad that you didn't buy this product. It, whatever it was, is a scam.

 

Download MBAM from here:

http://www.malwarebytes.org/

 

Click on Products - you want the FREE version.

 

Install > Update > Run it.

It will produce a log.

Copy this and post it here please.

 

Hi

 

I have run the software, it did not detect any viruses but detected 62 low risk tracking cookies, what do you recommend?

 

cheers

Gadgie Newbie

Gadgie

Posted
  • Author
Posted
Post the log here as per my first post.

I will ask one of the Security guys to confirm.

 

Sorry how do I post the log?

KenB Newbie

KenB

Posted
Posted

Open MBAM by clicking on the desktop icon > click on LOGS ( toolbar )

Click on the log to open - it will open in Notebook

Edit > Select All

CTRL + C will copy it.

 

If you are on a different machine open Notebook.

CTRL + V will paste it

Save as MBAM log to a memory stick.

Put memory stick into other machine and Open Notebook > Open the saved file.

Select All > Copy

 

CTRL + V will paste it into your reply.

There is an email going around offering processed pork - gelatin - and salt in a can ......this is simply SPAM !!

 

MiniToolBox

Network Test

Wireless Test

Gadgie Newbie

Gadgie

Posted
  • Author
Posted
Open MBAM by clicking on the desktop icon > click on LOGS ( toolbar )

Click on the log to open - it will open in Notebook

Edit > Select All

CTRL + C will copy it.

 

If you are on a different machine open Notebook.

CTRL + V will paste it

Save as MBAM log to a memory stick.

Put memory stick into other machine and Open Notebook > Open the saved file.

Select All > Copy

 

CTRL + V will paste it into your reply.

 

Hi

 

I chose not too install the toolbar so cant see an option for LOGS?

 

You also have mentioned MBAM, the product I installed from the link provided is called CyberDefender is this the right software? Assuming it is how do I copy a LOG without the Toolbar?

 

cheers again

Gadgie Newbie

Gadgie

Posted
  • Author
Posted
No - not at all.

I have just checked the link and it takes you to MBAM ???

 

Try this link:

MBAM Anti-malware

 

Don't forget to update it before you run it.

 

Hi

 

Now Im really confused!!

 

The first link took me to Malwarebytes and I clicked on the products tab at the top left and dowloaded the free version which is called Cyber Defender.

 

The second link you posted takes me to majorgeeks.com, assuming this second one is correct which do I download?

 

May not be able to get back to you until after 10pm, sorry for keep getting it wrong In really am **** at this sort of stuff!!

 

cheers again

KenB Newbie

KenB

Posted
Posted

The second link does take you to Major Geeks.

The download should be automatic.

 

if you are using Internet Explorer you may need to OK the download by clicking on a highlighted bar near the top of the screen.

 

If you are looking at MajorGeeks mirror sites - just click on one of these.

make sure that your download file has MBAM in it.

it should be mbam-setup-1.51.2.1300

There is an email going around offering processed pork - gelatin - and salt in a can ......this is simply SPAM !!

 

MiniToolBox

Network Test

Wireless Test

Gadgie Newbie

Gadgie

Posted
  • Author
Posted (edited)
The second link does take you to Major Geeks.

The download should be automatic.

 

if you are using Internet Explorer you may need to OK the download by clicking on a highlighted bar near the top of the screen.

 

If you are looking at MajorGeeks mirror sites - just click on one of these.

make sure that your download file has MBAM in it.

it should be mbam-setup-1.51.2.1300

 

Hi

 

The set up exe file appears but when I click it nothing happens. I did a search on the site and it seems that some people have had similar problems. The solution seems to be to rename the file before installing but I cant work out how to do this (if indeed this is what is best to do) Here is the link to the solutions I found:

 

http://forums.majorgeeks.com/showthread.php?t=164558

 

Perhaps you can advise what would be best?

 

I also use google chrome dont know if you need to know this

 

cheers

Edited by Gadgie
Starbuck Newbie

Starbuck

Posted
Posted

Hi Gadgie

 

Try this link and instructions:

 

Please download Malwarebytes Anti-Malware ( click the 'Download Now' within the link) and save it to your desktop.

  • Make sure you are connected to the Internet.
  • Double-click on Download_mbam-setup.exe to install the application.
  • Vista and Win7 users should right click on the icon and click 'Run as Administrator'.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware

    [*]Then click Finish.

    [*]MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.

    [*]On the Scanner tab:

    • Make sure the "Perform Full Scan" option is selected.
    • Then click on the Scan button.

    [*]If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.

    [*]The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.

    [*]When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".

    [*]Click OK to close the message box and continue with the removal process.

    [*]Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.

    [*]Make sure that everything is checked, and click Remove Selected.

    [*]When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)

    [*]The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.

    [*]Copy and paste the contents of that report in your next reply and exit MBAM.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

 

 

If this doesn't work, let us know.

If it works, please post the report in your next reply.

 

Thanks.

 

 

Btw:

If you need to rename MBAM.... right click on the downloaded icon and select 'rename'.

You can rename it to what ever you like. (even your name etc)

Member of:

UNITE

Gadgie Newbie

Gadgie

Posted
  • Author
Posted
Hi Gadgie

 

Try this link and instructions:

 

Please download Malwarebytes Anti-Malware ( click the 'Download Now' within the link) and save it to your desktop.

  • Make sure you are connected to the Internet.
  • Double-click on Download_mbam-setup.exe to install the application.
  • Vista and Win7 users should right click on the icon and click 'Run as Administrator'.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware

    [*]Then click Finish.

    [*]MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.

    [*]On the Scanner tab:

    • Make sure the "Perform Full Scan" option is selected.
    • Then click on the Scan button.

    [*]If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.

    [*]The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.

    [*]When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".

    [*]Click OK to close the message box and continue with the removal process.

    [*]Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.

    [*]Make sure that everything is checked, and click Remove Selected.

    [*]When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)

    [*]The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.

    [*]Copy and paste the contents of that report in your next reply and exit MBAM.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

 

 

If this doesn't work, let us know.

If it works, please post the report in your next reply.

 

Thanks.

 

 

Btw:

If you need to rename MBAM.... right click on the downloaded icon and select 'rename'.

You can rename it to what ever you like. (even your name etc)

 

Hi

 

Still cant get it to work. When I click on the download bar at the top of the screen a few seconds later the download shows at the bottom left of the screen withthe options to Keep or Discard. When I click on Keep it look as if it starts to download but then disappears then nothing happens at all. Either Im being really stupid or something is preventing me from dowloading this software, I now suspect something might be lurking on my computer and am getting a bit worried as I use interent banking on this computer several times per day.

 

Any ideas please?

 

cheers

Gadgie Newbie

Gadgie

Posted
  • Author
Posted
Boot up in Safe Mode

Constantly tap F8 after restarting.

Select F8 from the list of options.

 

Go back to the downloads folder and try it now.

 

Okay managed to get it to work, actually managed to download from Malwarebytes website, not sure why it didnt do it yesterday but scanning just now and will post the results when finished.

 

cheers

Gadgie Newbie

Gadgie

Posted
  • Author
Posted

Okay 2 items found here are the logs:

 

Malwarebytes' Anti-Malware 1.51.2.1300

http://www.malwarebytes.org

 

 

Database version: 8130

 

 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

 

 

10/11/2011 13:56:58

mbam-log-2011-11-10 (13-56-58).txt

 

 

Scan type: Full scan (C:\|D:\|E:\|F:\|)

Objects scanned: 414260

Time elapsed: 2 hour(s), 38 minute(s), 27 second(s)

 

 

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 2

 

 

Memory Processes Infected:

(No malicious items detected)

 

 

Memory Modules Infected:

(No malicious items detected)

 

 

Registry Keys Infected:

(No malicious items detected)

 

 

Registry Values Infected:

(No malicious items detected)

 

 

Registry Data Items Infected:

(No malicious items detected)

 

 

Folders Infected:

(No malicious items detected)

 

 

Files Infected:

c:\programdata\kaspersky lab\Sandbox\KLSB1\Device\harddiskvolume2\Users\George\downloads\VLCSetup.exe (Adware.Hotbar) -> Quarantined and deleted successfully.

c:\programdata\kaspersky lab\Sandbox\KLSB1\Device\harddiskvolume2\Users\George\downloads\xvidsetup.exe (Adware.Hotbar) -> Quarantined and deleted successfully.

 

 

 

11:12:58 George MESSAGE Protection started successfully

11:13:04 George MESSAGE IP Protection started successfully

14:08:26 George MESSAGE Protection started successfully

14:08:35 George MESSAGE IP Protection started successfully

 

 

 

 

Is there anything else I need to do? Or can I assume my computer is 100% safe. And what can I do in the future to make sure that my computer is better protected?

 

Should I be changing my passwords, especially for on-line banking?

 

cheers for the help

Gadgie Newbie

Gadgie

Posted
  • Author
Posted
forgot to ask if you can tell me what those 2 items were and how dangerous? and any idea where they may have come from? cheers
Gadgie Newbie

Gadgie

Posted
  • Author
Posted
Hi,

 

One of our Security Experts will advise soon ( It does look OK but I am not expert in this field :) )

 

okay cheers

Starbuck Newbie

Starbuck

Posted
Posted

Hi Gadgie

 

The files removed by MBAM are not really bad as they are only Adware related.

 

I see you are running Kaspersky, this may have contributed to you not being able the download and install MBAM.

Take a look here for an explanation:

http://forum.kaspersky.com/lofiversion/index.php/t214771.html

 

As you say you use Internet Banking it may be best to run some checks and put your mind at rest that there's no malware lurking.

I'll move this thread to the Malware Removal forum whilst we run the checks.

 

 

Step 1

Download aswMBR and save it to your desktop.

  • Double click the aswMBR.exe to run it.
  • The latest version gives you the option of adding the latest Avast definitions:
     
    http://img.photobucket.com/albums/v708/starbuck50/new/03-07-201116-24-19.png
     
  • It is recommended at this time to click NO. ( as there is a possibility of crashing the system)
  • Click the Scan button to start scan.

http://img.photobucket.com/albums/v708/starbuck50/new/asw1.gif

 

On completion of the scan click Save log and save it to your desktop.

 

http://img.photobucket.com/albums/v708/starbuck50/new/asw2.gif

 

Please post this in your reply.

 

NOTE:

aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

 

 

 

Step 2

  • Download OTL to your desktop.
    right click on the link and select 'Save Link/Target As'.
     
    if you have problems, try this download link:
    OTL
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check

.

 

.

http://img.photobucket.com/albums/v708/starbuck50/new/Otllatest.png

 

Now copy the lines in bold below.

 

netsvcs

msconfig

%SYSTEMDRIVE%\*.*

%systemroot%\system32\Spool\prtprocs\w32x86\*.dll

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\system32\drivers\*.sys /lockedfiles

%systemroot%\system32\*.exe /lockedfiles

%systemroot%\System32\config\*.sav

%PROGRAMFILES%\*

%USERPROFILE%\..|smtmp;true;true;true /FP

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

hklm\software\clients\startmenuinternet|command /rs

hklm\software\clients\startmenuinternet|command /64 /rs

CREATERESTOREPOINT

 

  • right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.
     
    http://img.photobucket.com/albums/v708/starbuck50/new%20forum/scan-fix.png
    .
  • Click the Run Scan button.
     
    http://img.photobucket.com/albums/v708/starbuck50/runscan.png
     
  • Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply.

 

 

 

In your next reply, please submit:

aswMBR report

and both reports from OTL.

 

 

Thanks.

Member of:

UNITE

Gadgie Newbie

Gadgie

Posted
  • Author
Posted
Hi Gadgie

 

The files removed by MBAM are not really bad as they are only Adware related.

 

I see you are running Kaspersky, this may have contributed to you not being able the download and install MBAM.

Take a look here for an explanation:

http://forum.kaspersky.com/lofiversion/index.php/t214771.html

 

As you say you use Internet Banking it may be best to run some checks and put your mind at rest that there's no malware lurking.

I'll move this thread to the Malware Removal forum whilst we run the checks.

 

 

Step 1

Download aswMBR and save it to your desktop.

  • Double click the aswMBR.exe to run it.
  • The latest version gives you the option of adding the latest Avast definitions:
     
    http://img.photobucket.com/albums/v708/starbuck50/new/03-07-201116-24-19.png
  • It is recommended at this time to click NO. ( as there is a possibility of crashing the system)
  • Click the Scan button to start scan.

http://img.photobucket.com/albums/v708/starbuck50/new/asw1.gif

 

On completion of the scan click Save log and save it to your desktop.

 

http://img.photobucket.com/albums/v708/starbuck50/new/asw2.gif

 

Please post this in your reply.

 

NOTE:

aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

 

 

 

Step 2

  • Download OTL to your desktop.
    right click on the link and select 'Save Link/Target As'.
     
    if you have problems, try this download link:
    OTL
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check

.

 

.

http://img.photobucket.com/albums/v708/starbuck50/new/Otllatest.png

 

Now copy the lines in bold below.

 

netsvcs

msconfig

%SYSTEMDRIVE%\*.*

%systemroot%\system32\Spool\prtprocs\w32x86\*.dll

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\system32\drivers\*.sys /lockedfiles

%systemroot%\system32\*.exe /lockedfiles

%systemroot%\System32\config\*.sav

%PROGRAMFILES%\*

%USERPROFILE%\..|smtmp;true;true;true /FP

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

hklm\software\clients\startmenuinternet|command /rs

hklm\software\clients\startmenuinternet|command /64 /rs

CREATERESTOREPOINT

  • right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.
     
    http://img.photobucket.com/albums/v708/starbuck50/new%20forum/scan-fix.png
    .
  • Click the Run Scan button.
     
    http://img.photobucket.com/albums/v708/starbuck50/runscan.png
  • Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply.

 

 

In your next reply, please submit:

aswMBR report

and both reports from OTL.

 

 

Thanks.

 

 

Hi here is the report from the 1st scan

 

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software

Run date: 2011-11-11 15:18:03

-----------------------------

15:18:03.907 OS Version: Windows x64 6.1.7600

15:18:03.908 Number of processors: 1 586 0x602

15:18:03.909 ComputerName: GEORGE-PC UserName: George

15:18:10.263 Initialize success

15:18:32.195 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

15:18:32.198 Disk 0 Vendor: ST9250410AS 0006HPM1 Size: 238475MB BusType: 11

15:18:34.210 Disk 0 MBR read successfully

15:18:34.212 Disk 0 MBR scan

15:18:34.214 Disk 0 unknown MBR code

15:18:34.217 Service scanning

15:18:44.049 Modules scanning

15:18:44.056 Disk 0 trace - called modules:

15:18:44.078 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys

15:18:44.086 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80024ba4e0]

15:18:44.096 3 CLASSPNP.SYS[fffff880010d343f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80024721a0]

15:18:44.105 Scan finished successfully

15:19:16.672 Disk 0 MBR has been saved successfully to "C:\Users\George\Desktop\MBR.dat"

15:19:16.681 The log file has been saved successfully to "C:\Users\George\Desktop\aswMBR.txt"

 

 

It only took a few seconds does that seem correct?

Gadgie Newbie

Gadgie

Posted
  • Author
Posted

OTL logfile created on: 11/11/2011 3:24:51 PM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\George\Desktop

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

 

1.75 Gb Total Physical Memory | 0.75 Gb Available Physical Memory | 42.87% Memory free

3.49 Gb Paging File | 1.45 Gb Available in Paging File | 41.48% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 219.29 Gb Total Space | 156.42 Gb Free Space | 71.33% Space Free | Partition Type: NTFS

Drive D: | 13.30 Gb Total Space | 2.21 Gb Free Space | 16.62% Space Free | Partition Type: NTFS

Drive E: | 99.18 Mb Total Space | 95.72 Mb Free Space | 96.51% Space Free | Partition Type: FAT32

 

Computer Name: GEORGE-PC | User Name: George | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - File not found

PRC - C:\Users\George\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Users\George\Downloads\aswMBR.exe (AVAST Software)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)

PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)

PRC - C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe ()

PRC - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()

PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()

PRC - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)

PRC - C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe (NewSoft Technology Corporation)

PRC - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe (SEIKO EPSON CORPORATION)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.106\ppgooglenaclpluginchrome.dll ()

MOD - C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll ()

MOD - C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.106\avutil-51.dll ()

MOD - C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.106\avformat-53.dll ()

MOD - C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.106\avcodec-53.dll ()

MOD - C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\cc6713be0e405d5a89a2783103f7e771\System.Management.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5672e6b9d976feca51deb06d8dd1df0e\PresentationFramework.Aero.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\018d2569cf208acbe8ad73908705f607\System.Runtime.Remoting.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\45a20172acfdcc160ecb6bd358179c31\System.Data.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09e39322b47f9b4e8dd2199ff03acb2e\PresentationFramework.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a3f989a61ab0468876629134c49514b2\UIAutomationTypes.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\d2dc021a8311197516e4fa325b292f21\PresentationCore.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll ()

MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()

MOD - C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe ()

MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.dll ()

MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()

MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetect.dll ()

MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDisk.dll ()

MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetectLegend.dll ()

MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\fdHttpd.dll ()

MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll ()

MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll ()

MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()

MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll ()

MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll ()

MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll ()

MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll ()

MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll ()

MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll ()

MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll ()

MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll ()

MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()

MOD - C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll ()

MOD - C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll ()

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (vseqrts) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe (Authentium, Inc)

SRV:64bit: - (vsedsps) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe (Authentium, Inc)

SRV:64bit: - (vseamps) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe (Authentium, Inc)

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)

SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe (IDT, Inc.)

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe (Andrea Electronics Corporation)

SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)

SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)

SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)

SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)

SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)

SRV - (EpsonBidirectionalService) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe (SEIKO EPSON CORPORATION)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)

DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)

DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows ® Win 7 DDK provider)

DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)

DRV:64bit: - (BVRPMPR5a64) -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS (Avanquest Software)

DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)

DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab)

DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)

DRV:64bit: - (KLBG) -- C:\Windows\SysNative\drivers\klbg.sys (Kaspersky Lab)

DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)

DRV:64bit: - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab)

DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)

DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)

DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)

DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)

DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)

DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)

DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)

DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)

DRV:64bit: - (netw5v64) Intel® -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )

DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)

DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)

DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)

DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQNOT/2

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQNOT/2

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQNOT/2

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQNOT/2

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQNOT/2

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQNOT/2

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\George\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\George\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2011/02/03 17:01:42 | 000,000,000 | ---D | M]

 

 

========== Chrome ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U23 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\PFiles\Plugins\np-mswmp.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\George\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll

CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Google Update (Enabled) = C:\Users\George\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

 

O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\ievkbd.dll (Kaspersky Lab)

O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)

O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)

O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)

O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)

O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)

O4:64bit: - HKLM..\Run: [WrtMon.exe] C:\Windows\SysNative\spool\drivers\x64\3\WrtMon.exe (NewSoft Technology Corporation)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)

O4 - HKLM..\Run: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start File not found

O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)

O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKCU..\Run: [Epson Stylus Office BX310FN(Network)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFHE.EXE /FU "C:\Windows\TEMP\E_S142.tmp" /EF "HKCU" File not found

O4 - HKCU..\Run: [PMSpeed] C:\Program Files (x86)\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe (NewSoft Technology Corporation)

O4 - Startup: C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk = C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0

O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()

O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()

O9:64bit: - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)

O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)

O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)

O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00B79012-13F1-4762-9162-B99B29B2073A}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E2554BC2-6961-4221-AE9C-1E126C17DA7C}: DhcpNameServer = 192.168.0.1

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\sbhook64.dll (Kaspersky Lab)

O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\kloehk.dll (Kaspersky Lab)

O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) -C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)

O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) -C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\sbhook.dll (Kaspersky Lab)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)

 

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/11/11 15:23:03 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\George\Desktop\OTL.exe

[2011/11/10 11:11:59 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Malwarebytes

[2011/11/10 11:11:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/11/10 11:11:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/11/10 11:11:30 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2011/11/10 11:11:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2011/11/09 15:47:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders

[2011/11/09 15:27:43 | 000,078,376 | ---- | C] (CyberDefender Corp.) -- C:\Windows\SysNative\drivers\CDAVFS.sys

[2011/11/09 15:26:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Authentium

[2011/11/09 15:26:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Authentium

[2011/11/09 12:26:07 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe

[2011/11/09 12:26:07 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe

[2011/11/09 12:26:07 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe

[2011/10/27 19:15:52 | 000,000,000 | ---D | C] -- C:\Users\George\Desktop\cheese cakes

[2011/10/19 22:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2011/10/19 22:27:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2011/10/19 22:27:11 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2011/10/19 21:47:32 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[2011/10/19 21:47:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour

[2011/10/19 20:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

[2011/10/19 20:33:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime

[2011/10/19 20:13:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update

 

========== Files - Modified Within 30 Days ==========

 

[2011/11/11 15:22:56 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\George\Desktop\OTL.exe

[2011/11/11 15:19:16 | 000,000,512 | ---- | M] () -- C:\Users\George\Desktop\MBR.dat

[2011/11/11 15:16:05 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1737154417-1697994350-281717988-1002UA.job

[2011/11/11 14:49:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/11/11 10:15:41 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/11/11 10:15:41 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/11/11 10:14:30 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1737154417-1697994350-281717988-1002Core.job

[2011/11/10 19:42:03 | 000,000,254 | ---- | M] () -- C:\Windows\tasks\Epson Printer Software Downloader.job

[2011/11/10 15:07:04 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011/11/10 15:07:04 | 000,628,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011/11/10 15:07:04 | 000,110,612 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011/11/10 15:02:15 | 000,001,089 | ---- | M] () -- C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk

[2011/11/10 15:01:28 | 1406,296,064 | -HS- | M] () -- C:\hiberfil.sys

[2011/11/10 11:11:36 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/11/09 18:51:04 | 000,000,272 | ---- | M] () -- C:\Windows\reimage.ini

[2011/11/09 16:16:10 | 000,354,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011/11/09 15:24:00 | 000,078,376 | ---- | M] (CyberDefender Corp.) -- C:\Windows\SysNative\drivers\CDAVFS.sys

[2011/11/08 20:31:43 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForGeorge.job

[2011/10/27 19:09:46 | 000,002,545 | ---- | M] () -- C:\Users\George\Desktop\Google Chrome.lnk

[2011/10/26 20:43:37 | 000,972,391 | ---- | M] () -- C:\Users\George\IMG_0187.JPG

[2011/10/26 20:43:33 | 001,172,071 | ---- | M] () -- C:\Users\George\IMG_0186.JPG

[2011/10/26 20:43:27 | 001,099,387 | ---- | M] () -- C:\Users\George\IMG_0185.JPG

[2011/10/26 20:42:58 | 001,390,768 | ---- | M] () -- C:\Users\George\IMG_0184.JPG

[2011/10/26 20:42:51 | 001,352,881 | ---- | M] () -- C:\Users\George\IMG_0183.JPG

[2011/10/26 20:42:46 | 001,100,058 | ---- | M] () -- C:\Users\George\IMG_0182.JPG

[2011/10/26 20:42:41 | 001,091,482 | ---- | M] () -- C:\Users\George\IMG_0181.JPG

[2011/10/26 20:42:34 | 001,178,514 | ---- | M] () -- C:\Users\George\IMG_0180.JPG

[2011/10/26 20:42:28 | 001,343,303 | ---- | M] () -- C:\Users\George\IMG_0179.JPG

[2011/10/26 20:42:18 | 001,029,273 | ---- | M] () -- C:\Users\George\IMG_0178.JPG

[2011/10/26 20:42:13 | 001,201,297 | ---- | M] () -- C:\Users\George\IMG_0177.JPG

[2011/10/26 20:42:06 | 001,193,096 | ---- | M] () -- C:\Users\George\IMG_0174.JPG

[2011/10/26 20:42:00 | 001,161,963 | ---- | M] () -- C:\Users\George\IMG_0173.JPG

[2011/10/26 20:41:35 | 001,073,003 | ---- | M] () -- C:\Users\George\IMG_0160.JPG

[2011/10/26 20:41:31 | 001,243,470 | ---- | M] () -- C:\Users\George\IMG_0159.JPG

[2011/10/26 20:41:26 | 001,430,236 | ---- | M] () -- C:\Users\George\IMG_0158.JPG

[2011/10/26 20:41:19 | 001,123,275 | ---- | M] () -- C:\Users\George\IMG_0157.JPG

[2011/10/26 20:41:12 | 001,244,701 | ---- | M] () -- C:\Users\George\IMG_0156.JPG

[2011/10/26 20:41:02 | 001,255,172 | ---- | M] () -- C:\Users\George\IMG_0155.JPG

[2011/10/26 20:40:38 | 001,169,178 | ---- | M] () -- C:\Users\George\IMG_0154.JPG

[2011/10/26 20:40:33 | 001,247,204 | ---- | M] () -- C:\Users\George\IMG_0153.JPG

[2011/10/26 20:40:27 | 001,266,730 | ---- | M] () -- C:\Users\George\IMG_0152.JPG

[2011/10/26 20:39:45 | 001,060,796 | ---- | M] () -- C:\Users\George\IMG_0151.JPG

[2011/10/26 20:39:34 | 001,117,773 | ---- | M] () -- C:\Users\George\IMG_0150.JPG

[2011/10/26 20:39:29 | 001,090,241 | ---- | M] () -- C:\Users\George\IMG_0149.JPG

[2011/10/26 20:38:37 | 001,167,834 | ---- | M] () -- C:\Users\George\IMG_0091.JPG

[2011/10/26 20:38:28 | 001,034,709 | ---- | M] () -- C:\Users\George\IMG_0090.JPG

[2011/10/26 20:38:23 | 001,012,862 | ---- | M] () -- C:\Users\George\IMG_0089.JPG

[2011/10/26 20:38:17 | 001,043,759 | ---- | M] () -- C:\Users\George\IMG_0088.JPG

[2011/10/26 20:38:09 | 001,026,910 | ---- | M] () -- C:\Users\George\IMG_0087.JPG

[2011/10/26 20:38:03 | 000,969,025 | ---- | M] () -- C:\Users\George\IMG_0086.JPG

[2011/10/26 20:37:53 | 001,559,771 | ---- | M] () -- C:\Users\George\IMG_0085.JPG

[2011/10/26 20:37:47 | 001,519,735 | ---- | M] () -- C:\Users\George\IMG_0084.JPG

[2011/10/26 20:36:58 | 001,181,672 | ---- | M] () -- C:\Users\George\IMG_0041.JPG

[2011/10/26 20:36:44 | 001,233,150 | ---- | M] () -- C:\Users\George\IMG_0039.JPG

[2011/10/26 20:36:18 | 001,157,940 | ---- | M] () -- C:\Users\George\IMG_0038.JPG

[2011/10/26 20:18:46 | 001,162,813 | ---- | M] () -- C:\Users\George\IMG_0037.JPG

[2011/10/26 20:17:26 | 001,123,507 | ---- | M] () -- C:\Users\George\IMG_0036.JPG

[2011/10/26 20:17:12 | 001,131,980 | ---- | M] () -- C:\Users\George\IMG_0035.JPG

[2011/10/26 20:16:59 | 001,136,736 | ---- | M] () -- C:\Users\George\IMG_0034.JPG

[2011/10/19 22:35:20 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011/10/19 20:34:41 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

 

========== Files Created - No Company Name ==========

 

[2011/11/11 15:19:16 | 000,000,512 | ---- | C] () -- C:\Users\George\Desktop\MBR.dat

[2011/11/10 11:11:36 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/11/09 18:50:10 | 000,000,272 | ---- | C] () -- C:\Windows\reimage.ini

[2011/10/19 22:35:20 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011/10/19 20:34:40 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2011/10/19 20:14:05 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

[2011/10/19 18:35:04 | 001,397,332 | ---- | C] () -- C:\Users\George\IMG_0188.JPG

[2011/10/19 18:35:04 | 001,196,255 | ---- | C] () -- C:\Users\George\IMG_0192.JPG

[2011/10/19 18:35:04 | 001,194,080 | ---- | C] () -- C:\Users\George\IMG_0190.JPG

[2011/10/19 18:35:04 | 001,090,990 | ---- | C] () -- C:\Users\George\IMG_0191.JPG

[2011/10/19 18:35:04 | 001,022,651 | ---- | C] () -- C:\Users\George\IMG_0189.JPG

[2011/10/19 18:35:03 | 001,390,768 | ---- | C] () -- C:\Users\George\IMG_0184.JPG

[2011/10/19 18:35:03 | 001,172,071 | ---- | C] () -- C:\Users\George\IMG_0186.JPG

[2011/10/19 18:35:03 | 001,099,387 | ---- | C] () -- C:\Users\George\IMG_0185.JPG

[2011/10/19 18:35:03 | 000,972,391 | ---- | C] () -- C:\Users\George\IMG_0187.JPG

[2011/10/19 18:35:02 | 001,352,881 | ---- | C] () -- C:\Users\George\IMG_0183.JPG

[2011/10/19 18:35:02 | 001,100,058 | ---- | C] () -- C:\Users\George\IMG_0182.JPG

[2011/10/19 18:35:02 | 001,091,482 | ---- | C] () -- C:\Users\George\IMG_0181.JPG

[2011/10/19 18:35:01 | 001,343,303 | ---- | C] () -- C:\Users\George\IMG_0179.JPG

[2011/10/19 18:35:01 | 001,178,514 | ---- | C] () -- C:\Users\George\IMG_0180.JPG

[2011/10/19 18:35:01 | 001,029,273 | ---- | C] () -- C:\Users\George\IMG_0178.JPG

[2011/10/19 18:35:00 | 001,332,164 | ---- | C] () -- C:\Users\George\IMG_0176.JPG

[2011/10/19 18:35:00 | 001,201,297 | ---- | C] () -- C:\Users\George\IMG_0177.JPG

[2011/10/19 18:35:00 | 001,193,096 | ---- | C] () -- C:\Users\George\IMG_0174.JPG

[2011/10/19 18:35:00 | 001,041,198 | ---- | C] () -- C:\Users\George\IMG_0175.JPG

[2011/10/19 18:34:59 | 001,243,470 | ---- | C] () -- C:\Users\George\IMG_0159.JPG

[2011/10/19 18:34:59 | 001,162,414 | ---- | C] () -- C:\Users\George\IMG_0161.JPG

[2011/10/19 18:34:59 | 001,161,963 | ---- | C] () -- C:\Users\George\IMG_0173.JPG

[2011/10/19 18:34:59 | 001,140,711 | ---- | C] () -- C:\Users\George\IMG_0162.JPG

[2011/10/19 18:34:59 | 001,073,003 | ---- | C] () -- C:\Users\George\IMG_0160.JPG

[2011/10/19 18:34:58 | 001,430,236 | ---- | C] () -- C:\Users\George\IMG_0158.JPG

[2011/10/19 18:34:58 | 001,123,275 | ---- | C] () -- C:\Users\George\IMG_0157.JPG

[2011/10/19 18:34:57 | 001,255,172 | ---- | C] () -- C:\Users\George\IMG_0155.JPG

[2011/10/19 18:34:57 | 001,247,204 | ---- | C] () -- C:\Users\George\IMG_0153.JPG

[2011/10/19 18:34:57 | 001,244,701 | ---- | C] () -- C:\Users\George\IMG_0156.JPG

[2011/10/19 18:34:57 | 001,169,178 | ---- | C] () -- C:\Users\George\IMG_0154.JPG

[2011/10/19 18:34:56 | 001,266,730 | ---- | C] () -- C:\Users\George\IMG_0152.JPG

[2011/10/19 18:34:56 | 001,117,773 | ---- | C] () -- C:\Users\George\IMG_0150.JPG

[2011/10/19 18:34:56 | 001,090,241 | ---- | C] () -- C:\Users\George\IMG_0149.JPG

[2011/10/19 18:34:56 | 001,060,796 | ---- | C] () -- C:\Users\George\IMG_0151.JPG

[2011/10/19 18:34:56 | 000,291,498 | ---- | C] () -- C:\Users\George\IMG_0148.JPG

[2011/10/19 18:34:56 | 000,287,629 | ---- | C] () -- C:\Users\George\IMG_0145.JPG

[2011/10/19 18:34:56 | 000,255,181 | ---- | C] () -- C:\Users\George\IMG_0146.JPG

[2011/10/19 18:34:56 | 000,241,637 | ---- | C] () -- C:\Users\George\IMG_0147.JPG

[2011/10/19 18:34:55 | 001,800,621 | ---- | C] () -- C:\Users\George\IMG_0141.JPG

[2011/10/19 18:34:55 | 000,313,434 | ---- | C] () -- C:\Users\George\IMG_0144.JPG

[2011/10/19 18:34:55 | 000,300,255 | ---- | C] () -- C:\Users\George\IMG_0143.JPG

[2011/10/19 18:34:55 | 000,243,083 | ---- | C] () -- C:\Users\George\IMG_0142.JPG

[2011/10/19 18:34:54 | 001,904,859 | ---- | C] () -- C:\Users\George\IMG_0139.JPG

[2011/10/19 18:34:54 | 001,748,399 | ---- | C] () -- C:\Users\George\IMG_0137.JPG

[2011/10/19 18:34:54 | 001,722,190 | ---- | C] () -- C:\Users\George\IMG_0138.JPG

[2011/10/19 18:34:54 | 001,666,884 | ---- | C] () -- C:\Users\George\IMG_0140.JPG

[2011/10/19 18:34:53 | 001,731,972 | ---- | C] () -- C:\Users\George\IMG_0135.JPG

[2011/10/19 18:34:53 | 001,676,201 | ---- | C] () -- C:\Users\George\IMG_0136.JPG

[2011/10/19 18:34:53 | 001,643,206 | ---- | C] () -- C:\Users\George\IMG_0134.JPG

[2011/10/19 18:34:52 | 001,443,176 | ---- | C] () -- C:\Users\George\IMG_0131.JPG

[2011/10/19 18:34:52 | 001,438,662 | ---- | C] () -- C:\Users\George\IMG_0132.JPG

[2011/10/19 18:34:52 | 001,429,637 | ---- | C] () -- C:\Users\George\IMG_0133.JPG

[2011/10/19 18:34:51 | 001,501,910 | ---- | C] () -- C:\Users\George\IMG_0128.JPG

[2011/10/19 18:34:51 | 001,460,918 | ---- | C] () -- C:\Users\George\IMG_0130.JPG

[2011/10/19 18:34:51 | 001,429,045 | ---- | C] () -- C:\Users\George\IMG_0129.JPG

[2011/10/19 18:34:51 | 001,303,655 | ---- | C] () -- C:\Users\George\IMG_0127.JPG

[2011/10/19 18:34:50 | 001,397,674 | ---- | C] () -- C:\Users\George\IMG_0126.JPG

[2011/10/19 18:34:50 | 001,366,788 | ---- | C] () -- C:\Users\George\IMG_0125.JPG

[2011/10/19 18:34:50 | 001,358,853 | ---- | C] () -- C:\Users\George\IMG_0124.JPG

[2011/10/19 18:34:49 | 001,879,980 | ---- | C] () -- C:\Users\George\IMG_0123.JPG

[2011/10/19 18:34:49 | 001,842,426 | ---- | C] () -- C:\Users\George\IMG_0122.JPG

[2011/10/19 18:34:49 | 001,815,075 | ---- | C] () -- C:\Users\George\IMG_0121.JPG

[2011/10/19 18:34:49 | 001,448,044 | ---- | C] () -- C:\Users\George\IMG_0120.JPG

[2011/10/19 18:34:49 | 001,368,566 | ---- | C] () -- C:\Users\George\IMG_0119.JPG

[2011/10/19 18:34:48 | 001,484,386 | ---- | C] () -- C:\Users\George\IMG_0118.JPG

[2011/10/19 18:34:48 | 000,233,419 | ---- | C] () -- C:\Users\George\IMG_0109.PNG

[2011/10/19 18:34:48 | 000,219,655 | ---- | C] () -- C:\Users\George\IMG_0111.PNG

[2011/10/19 18:34:42 | 048,406,812 | ---- | C] () -- C:\Users\George\IMG_0108.MOV

[2011/10/19 18:34:42 | 001,382,125 | ---- | C] () -- C:\Users\George\IMG_0107.JPG

[2011/10/19 18:34:41 | 001,299,533 | ---- | C] () -- C:\Users\George\IMG_0106.JPG

[2011/10/19 18:34:41 | 001,243,404 | ---- | C] () -- C:\Users\George\IMG_0104.JPG

[2011/10/19 18:34:41 | 001,213,387 | ---- | C] () -- C:\Users\George\IMG_0103.JPG

[2011/10/19 18:34:41 | 001,186,275 | ---- | C] () -- C:\Users\George\IMG_0105.JPG

[2011/10/19 18:34:40 | 000,562,601 | ---- | C] () -- C:\Users\George\IMG_0102.MOV

[2011/10/19 18:34:40 | 000,291,498 | ---- | C] () -- C:\Users\George\IMG_0101.JPG

[2011/10/19 18:34:37 | 012,969,786 | ---- | C] () -- C:\Users\George\IMG_0100.MOV

[2011/10/19 18:34:37 | 001,266,529 | ---- | C] () -- C:\Users\George\IMG_0095.JPG

[2011/10/19 18:34:37 | 001,240,950 | ---- | C] () -- C:\Users\George\IMG_0097.JPG

[2011/10/19 18:34:37 | 001,118,064 | ---- | C] () -- C:\Users\George\IMG_0096.JPG

[2011/10/19 18:34:37 | 001,070,644 | ---- | C] () -- C:\Users\George\IMG_0099.JPG

[2011/10/19 18:34:37 | 001,025,251 | ---- | C] () -- C:\Users\George\IMG_0098.JPG

[2011/10/19 18:34:36 | 001,308,295 | ---- | C] () -- C:\Users\George\IMG_0093.JPG

[2011/10/19 18:34:36 | 001,300,523 | ---- | C] () -- C:\Users\George\IMG_0094.JPG

[2011/10/19 18:34:36 | 001,283,445 | ---- | C] () -- C:\Users\George\IMG_0092.JPG

[2011/10/19 18:34:36 | 001,167,834 | ---- | C] () -- C:\Users\George\IMG_0091.JPG

[2011/10/19 18:34:36 | 001,034,709 | ---- | C] () -- C:\Users\George\IMG_0090.JPG

[2011/10/19 18:34:35 | 001,559,771 | ---- | C] () -- C:\Users\George\IMG_0085.JPG

[2011/10/19 18:34:35 | 001,519,735 | ---- | C] () -- C:\Users\George\IMG_0084.JPG

[2011/10/19 18:34:35 | 001,043,759 | ---- | C] () -- C:\Users\George\IMG_0088.JPG

[2011/10/19 18:34:35 | 001,026,910 | ---- | C] () -- C:\Users\George\IMG_0087.JPG

[2011/10/19 18:34:35 | 001,012,862 | ---- | C] () -- C:\Users\George\IMG_0089.JPG

[2011/10/19 18:34:35 | 000,969,025 | ---- | C] () -- C:\Users\George\IMG_0086.JPG

[2011/10/19 18:34:34 | 001,047,300 | ---- | C] () -- C:\Users\George\IMG_0081.JPG

[2011/10/19 18:34:34 | 001,007,786 | ---- | C] () -- C:\Users\George\IMG_0083.JPG

[2011/10/19 18:34:34 | 000,981,855 | ---- | C] () -- C:\Users\George\IMG_0082.JPG

[2011/10/19 18:34:34 | 000,875,165 | ---- | C] () -- C:\Users\George\IMG_0080.JPG

[2011/10/19 18:34:33 | 001,070,259 | ---- | C] () -- C:\Users\George\IMG_0079.JPG

[2011/10/19 18:34:27 | 040,386,004 | ---- | C] () -- C:\Users\George\IMG_0060.MOV

[2011/10/19 18:34:26 | 001,139,118 | ---- | C] () -- C:\Users\George\IMG_0059.JPG

[2011/10/19 18:34:26 | 000,573,697 | ---- | C] () -- C:\Users\George\IMG_0057.JPG

[2011/10/19 18:34:26 | 000,537,415 | ---- | C] () -- C:\Users\George\IMG_0058.JPG

[2011/10/19 18:34:26 | 000,137,498 | ---- | C] () -- C:\Users\George\IMG_0043.JPG

[2011/10/19 18:34:25 | 001,233,150 | ---- | C] () -- C:\Users\George\IMG_0039.JPG

[2011/10/19 18:34:25 | 001,181,672 | ---- | C] () -- C:\Users\George\IMG_0041.JPG

[2011/10/19 18:34:25 | 001,162,813 | ---- | C] () -- C:\Users\George\IMG_0037.JPG

[2011/10/19 18:34:25 | 001,157,940 | ---- | C] () -- C:\Users\George\IMG_0038.JPG

[2011/10/19 18:34:25 | 001,123,507 | ---- | C] () -- C:\Users\George\IMG_0036.JPG

[2011/10/19 18:34:24 | 001,136,736 | ---- | C] () -- C:\Users\George\IMG_0034.JPG

[2011/10/19 18:34:24 | 001,131,980 | ---- | C] () -- C:\Users\George\IMG_0035.JPG

[2011/04/01 19:16:40 | 000,000,033 | ---- | C] () -- C:\ProgramData\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini

[2011/03/27 17:54:25 | 000,001,854 | ---- | C] () -- C:\Users\George\AppData\Roaming\GhostObjGAFix.xml

[2010/05/27 10:24:14 | 000,001,378 | ---- | C] () -- C:\ProgramData\ss.ini

[2010/05/22 11:28:58 | 000,000,422 | ---- | C] () -- C:\Users\George\AppData\Roaming\wklnhst.dat

[2010/05/17 18:32:10 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat

[2010/05/17 18:32:10 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat

[2010/05/17 18:32:10 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat

[2010/05/17 18:32:10 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat

[2010/05/17 18:32:10 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat

[2010/05/17 18:32:10 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat

[2010/05/17 18:32:10 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat

[2010/05/17 18:32:10 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat

[2010/05/17 18:32:10 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat

[2010/05/17 18:32:10 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat

[2010/05/17 18:32:10 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat

[2010/05/17 18:32:10 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat

[2010/05/17 18:32:10 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat

[2010/05/17 18:32:10 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat

[2010/05/17 18:32:10 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat

[2010/05/17 18:32:10 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat

[2010/05/17 18:32:10 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat

[2010/05/17 18:32:10 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat

[2010/05/17 18:32:10 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini

[2010/05/13 21:49:04 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

[2010/03/26 09:27:33 | 000,000,282 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini

[2010/03/26 09:27:33 | 000,000,223 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini

[2009/12/17 11:56:52 | 000,009,868 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat

[2009/12/17 09:47:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2009/09/29 23:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL

[2009/07/14 05:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/14 02:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009/07/14 02:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009/07/14 00:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/13 23:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 21:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin

[2009/07/13 21:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/06/10 21:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

 

========== LOP Check ==========

 

[2011/11/10 15:02:04 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\.oit

[2011/01/15 09:20:52 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1

[2011/02/11 12:13:28 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2010/05/19 11:53:03 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Epson

[2010/05/13 20:46:00 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\GetRightToGo

[2011/02/11 16:13:43 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\gtk-2.0

[2011/03/11 10:30:06 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\HTC

[2011/03/11 10:30:12 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1

[2010/12/22 00:39:55 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Local

[2010/05/17 18:26:00 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\NewSoft

[2010/05/27 08:37:32 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Sony

[2011/02/22 22:59:58 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Spotify

[2010/06/23 16:15:27 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Template

[2011/03/19 20:30:35 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Windows Live Writer

[2011/11/08 22:54:37 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\_MDLogs

[2011/11/10 19:42:03 | 000,000,254 | ---- | M] () -- C:\Windows\Tasks\Epson Printer Software Downloader.job

[2010/11/17 08:32:29 | 000,032,642 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2009/07/14 01:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr

[2011/11/09 15:26:32 | 000,484,382 | ---- | M] () -- C:\cybdefauth_i.log

[2011/11/09 22:28:58 | 000,019,722 | ---- | M] () -- C:\CybDefInstallInfo.log

[2011/11/09 15:24:00 | 000,000,114 | ---- | M] () -- C:\CybDefWebInstaller.log

[2011/11/10 15:01:28 | 1406,296,064 | -HS- | M] () -- C:\hiberfil.sys

[2010/05/26 12:55:48 | 000,000,186 | ---- | M] () -- C:\hpqlb.log

[2011/11/10 15:01:31 | 1875,062,784 | -HS- | M] () -- C:\pagefile.sys

[2010/06/20 20:38:45 | 000,000,184 | ---- | M] () -- C:\setup.log

[2010/09/26 10:34:16 | 000,000,084 | ---- | M] () -- C:\SYNTPAD.LOG

 

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

 

< %systemroot%\system32\*.exe /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

 

< %PROGRAMFILES%\* >

[2009/07/14 04:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

 

< %USERPROFILE%\..|smtmp;true;true;true /FP >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU >

 

< hklm\software\clients\startmenuinternet|command /rs >

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\George\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2011/10/26 08:10:47 | 001,036,344 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\George\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2011/10/26 08:10:47 | 001,036,344 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\George\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/10/26 08:10:47 | 001,036,344 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\George\AppData\Local\Google\Chrome\Application\chrome.exe" [2011/10/26 08:10:47 | 001,036,344 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/14 01:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/14 01:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/14 01:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/08/20 04:35:15 | 000,673,024 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011/08/20 04:35:15 | 000,673,024 | ---- | M] (Microsoft Corporation)

 

< hklm\software\clients\startmenuinternet|command /64 /rs >

64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\USERS\GEORGE\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2011/10/26 08:10:47 | 001,036,344 | ---- | M] (Google Inc.)

64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\USERS\GEORGE\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2011/10/26 08:10:47 | 001,036,344 | ---- | M] (Google Inc.)

64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\USERS\GEORGE\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2011/10/26 08:10:47 | 001,036,344 | ---- | M] (Google Inc.)

64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\USERS\GEORGE\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2011/10/26 08:10:47 | 001,036,344 | ---- | M] (Google Inc.)

64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2009/07/14 01:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)

64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2009/07/14 01:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)

64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2009/07/14 01:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)

64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/08/20 04:35:15 | 000,673,024 | ---- | M] (Microsoft Corporation)

64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2011/08/20 04:35:15 | 000,673,024 | ---- | M] (Microsoft Corporation)

 

 

< End of report >

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...